Does not use HTTPS

[skarensmoll]

Hi there,

I'm running the lighthouse report on my page that relies heavily on third party resources which does not use the https protocol, and the report is lowering down the best practices metrics because of this. is there anything I can do ? since I don't have control on those libraries?

Thanks in advance!

[connorjclark]

You could rehost those libraries on your own site, confident that they are behind https and can't be modified by a MITM attack. Of course, it'd become a maintenance burden to update the libraries whenever they change.

What third parties are you relying on that don't support https?

[skarensmoll]

Thanks for your quick answer @connorjclark these are the libraries:

http://www.gstatic.com/external_hosted/gsap/v1_18_0/TweenMax.min.js http://www.google.com/js/gweb/analytics/autotrack.js http://www.google-analytics.com/u/ga_debug.js

[connorjclark]

They all work on https- just change http to https and your page should still work.

[skarensmoll]

ok thanks a lot!