Accessing CDN using https from a website running in http

Question

I am developing a website which is going to be in http. I was trying to include jquery from google cdn.

The answer given here says

using protocol-relative URL lets you easily avoid mixed content security errors.

from google cdn, it is seen as

We recommend that you load libraries from the CDN via HTTPS, even if your own website only uses HTTP.

I see these two as contradictory. Basically, when we have a website in http and using cdn through https, what are the content related errors one can expect? Whay is the recommended approach now?

score 3 · Answer 1 · answered Jul 29 '17 at 01:31

3

It's fairly common to do local development in an environment without HTTPS. Using the protocol-relative URL means you can develop on HTTP and not have to worry about remembering to switch it to HTTPS every time you deploy to production.

For CDNs, though, you can be assured the CDN has HTTPS whether you're working locally or in production, so it's entirely fine to hard-code the HTTPS URL there.

answered Jul 29 '17 at 01:31

ceejayoz

176,543
40
303
368

thanks for helping. I did know what were the content security errors mentioned in the answer referred. now clear. – Kiran Jul 29 '17 at 01:32

Accessing CDN using https from a website running in http

1 Answers1

Linked

Related