Mixed Content- Should I be worry?


Update on March 29, 2021



First of all, we must know about the HTTP and HTTPS protocol to be able to understand mixed content.

  • HTTP: It is the acronym for Hypertext Transfer Protocol and is a communication protocol that allows the bidirectional transfer of information over the internet.
  • HTTPS: This is the acronym for Hypertext Transfer Protocol Secure and allows bidirectional transfer protecting integrity and confidentiality by encrypting the information.

This means that HTTPS is the safe way since it uses two protocols HTTP + SSL + TLS and as previously said, they encrypt the connection between the browser and the web server, but for this an SSL certificate is necessary.

Mixed content occurs on websites that have resources such as images, videos or .js, .php, .css files among others; these are loaded externally from the site through a URL with HTTP then what happens is that the site loads without problems but the browser warns the visitor through the address bar that the page or site is not secure, even when the page was loaded through HTTPS with an SSL certificate.

There are two types of mixed content ...

Passive mixed content: This is one that does not interact with the rest of the page such as images, videos, and audio.

Active mixed content: This is what interacts with the page since they are scripts, style sheets (CSS) iframes, and some other type of code that the browser executes on the site to make it work.

One way to identify if a site has mixed content is through the browser console, in the following image we can clearly see.

 

Now that we know all this, it is extremely important to solve it because it raises problems of use and security, and, consequently, it is not good for SEO since no user will stay on a page that is not secure.