Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is my mental model wrong? A relative css path will be called using https if the page gets called using https

If your page gets called using https protocol, any relative path to an external css will be called using https protocol as well. Are you really need to encrypt/decrypt css contents? :D However, if you use absolute path referring to an external css, you can specify the protocol to use, generally http rather than https. Maybe I am wrong!

Please let me know whether or not my mental model is totally wrong.

like image 964
xport Avatar asked Aug 04 '10 03:08

xport


3 Answers

Yes you are correct, relative paths will use the same protocol you're currently on, fully qualified paths can include whatever protocol they want.

You typically want the relative behavior to act like it does, otherwise you'll get a insecure-content warning if you're loading http:// resources on a https:// page in most browsers.

like image 121
Nick Craver Avatar answered Nov 15 '22 12:11

Nick Craver


As others have answered, your model is correct. A really fun feature that many people are not aware of is protocol relative urls. "//www.foo.com/bar.html" is a perfectly valid URL and will preserve the current protocol.

This is very handy if you are outputting HTML which must work on http and https but needs some host names (e.g. to support static.foo.com / images.foo.com).

like image 44
Gmaxwell Avatar answered Nov 15 '22 12:11

Gmaxwell


Yes, css/js specified by relative path will be loaded using HTTPS. No, you won't have to decrypt the contents, the browser will do it for you. Yes, you can refer to css/js by using absolute path, specifying the protocol, including HTTP. One thing you have to be careful is that some browsers will prompt a warning about a secure site loading insecure contents.

like image 41
Igor Zevaka Avatar answered Nov 15 '22 12:11

Igor Zevaka