Friday, May 11, 2012

Don’t Forget to Secure your TypeKit!

Today I made a stupid mistake. I am using TypeKit and I added my reference like so:

<script type="text/javascript" src="http://use.typekit.com/….js"></script>

Can you see what’s wrong?

It works great in local development, however when I deploy to production, I will be using HTTPS. When my page tries to hit the TypeKit servers over HTTP, my browser is going to complain about insecure connections.

I could switch to

<script type="text/javascript" src="https://use.typekit.com/….js"></script>

but instead I decided to make my link protocol relative:

<script type="text/javascript" src="//use.typekit.com/….js"></script

this way it will call the protocol that my site is currently serving. TypeKit does support HTTPS.

1 comment:

  1. Are there any security issues with type kit? The annoying developer at my work said there was but couldnt elaborate

    ReplyDelete

Follow me on App.net