If the page is viewed over a secure connection (https), then the Google API
should also be loaded over a secure connection.
The documentation at <https://developers.google.com/loader/> recommends that
the API is always loaded over a secure connection:
<script type="text/javascript" src="https://www.google.com/jsapi"></script>
In this case, the patch is trivial (see attachment).
Howevever, if speed is of paramount interest, one could instead check
document.location.protocol and load the API over a secure connection only when
necessary (by dynamically creating the script tag).
Original issue reported on code.google.com by erik...@gmail.com on 4 Oct 2012 at 9:58
Original issue reported on code.google.com by
erik...@gmail.com
on 4 Oct 2012 at 9:58Attachments: