FAQs for DG

What's a "non-secure" tag?


What's a non-secure tag call and why is it a problem? 


A non-secure tag call is a call made by a tag (javascript file) over a non-secure network like HTTP (hypertext protocol) from a secure website (HTTPS). For example, one of your tag vendors on your secure site (HTTPS) could try to connect to their server to deliver cookie data about your user over a non-secure network (HTTP). When this happens it's referred to as  "mixed content" and most browsers alert users to the fact that non-secure content is being transmitted from a secure site.

This results in a real security risk for your users and a poor user experience as most browsers notify users of the security issue. Most modern browsers will prevent non-secure scripts from firing, resulting in your tag failing to collect any data anyway, so you take both a hit on the customer experience and a loss of that data as a result. 

For more information on mixed content, see here: https://developers.google.com/web/fundamentals/security/prevent-mixed-content/what-is-mixed-content

Version history
Revision #:
1 of 1
Last update:
2 weeks ago
Updated by:
Looking for more?
Ask in Discussions

Peer-to-peer support  and answers on developing CMS templates, modifying privacy scripts or building integrations.

Digital Experience Management

Find answers and ask questions on content management, personalization and targeting.

Digital Quality Management

Find answers and ask questions on WCAG and SEO quality management.

Digital Governance

Find answers and ask questions on consent and monitoring solutions.