gabemorazan
Crownpeak (Retired)

What's a "non-secure" tag?

Question

What's a non-secure tag call and why is it a problem? 

Answer

A non-secure tag call is a call made by a tag (javascript file) over a non-secure network like HTTP (hypertext protocol) from a secure website (HTTPS). For example, one of your tag vendors on your secure site (HTTPS) could try to connect to their server to deliver cookie data about your user over a non-secure network (HTTP). When this happens it's referred to as  "mixed content" and most browsers alert users to the fact that non-secure content is being transmitted from a secure site.

This results in a real security risk for your users and a poor user experience as most browsers notify users of the security issue. Most modern browsers will prevent non-secure scripts from firing, resulting in your tag failing to collect any data anyway, so you take both a hit on the customer experience and a loss of that data as a result. 

For more information on mixed content, see here: https://developers.google.com/web/fundamentals/security/prevent-mixed-content/what-is-mixed-content

Labels (1)

Can't find what you are looking for?

Find Answers

Search our DG Forum to find answers to questions asked by other DG users.

Ask a Question

No luck? Ask a question. Our Product and Support teams are monitoring the Forum and typically respond within 48 hours.

Ask a Question