mailto link is blocked as insecure content in Chrome Gmail

Question

I've got a link in an encrypted HTML email that goes to mailto:blahblah, but it's being blocked in Chrome Gmail. Anything I can do about this?

Example:

1) I open an encrypted HTML email message inside of my encrypted GMail web client (https://gmail.com - notice the s in https).

2) The email contains a link in the folloiwng format: <a href="mailto:user@example.com">Email the user.</a>

3) I click on the link, but it is blocked because GMail and/or Chrome is treating the mailto link as insecure content.

4) I add target="_blank" to the aforementioned link and the problem goes away.

The rest of the message displays and functions correctly because, again, both the message and my email client are using encryption. The only thing that does not work is the mailto link.

Bonus question: how are mailto links classified with regard to protocols such as HTTP and HTTPS? Links to a W3C document would be helpful.

score 9 · Answer 1 · edited May 23 '17 at 12:20

9

From here: mailto link not working within a frame chrome (over https)

The suggestion is to use target="_top" instead of target="_blank".

edited May 23 '17 at 12:20

Community

1
1

answered Oct 17 '14 at 04:43

CoreyOConnor

430
3
7

i have tried top and blank and yet "connection is not secure", if i remove the mailto from the action goes fully secure so def is the form, any help? site is www.mr-programs.com – Mr-Programs Jan 26 '19 at 23:29
I found that I could use either value for target, but just needed the http, following this answer below https://stackoverflow.com/a/56555013/8796340 – mikey Feb 02 '23 at 01:27

score 2 · Answer 2 · answered Feb 17 '21 at 15:22

I solved this with a little JavaScript trick.

Here is my index.html

<div>
    <input id="cname" required="" name="subject" type="text">
    <label for="cname">Name</label>
    <textarea id="cmessage" required="" name="body"></textarea>
    <label class="label-control" for="cmessage">Your message</label>
</div>
<button onclick="sendMail()">Click me</button>

and script.js which get loaded into index.html earlier.

function sendMail() {    
    var body = document.getElementById("cmessage").value;
    var subject = document.getElementById("cname").value;

    window.location.replace(`mailto:hello@domain.com?body=${body}&subject=${subject} wants to contact you`);    
}

and now I got the full green lock back.

score 0 · Answer 3 · answered Oct 23 '13 at 07:18

0

Add target="_blank" to the mailto link.

answered Oct 23 '13 at 07:18

2

The problem with this solution is an unnecessary blank tab is opened in Chrome before the parameters in the mailto link are passed off to the email client specified by the OS. – Oct 23 '13 at 07:20

score 0 · Answer 4 · answered Jun 12 '19 at 05:09

0

I found simple solution for it just add https:// before your form action like:

<a href="mailto:user@example.com">Email the user.</a>

Change it to :

<a href="https://mailto:user@example.com">Email the user.</a>

I solved my issue by doing this I hope this work for you. If you get the solution please mark as solution. Thank you.

answered Jun 12 '19 at 05:09

Dharmik Raval

101
10

2

this isn't working for me. did you set up a redirect for your link? and how? – kenmistry Oct 12 '20 at 10:43
This worked for me and other solutions did not. – mikey Feb 02 '23 at 01:26
@kenmistry Hey I believe its too late to answer. However, I have not added any redirection links. – Dharmik Raval Feb 23 '23 at 11:11

mailto link is blocked as insecure content in Chrome Gmail

4 Answers4

Linked