Tag Archives: mixed content

Revisited: Eliminating Mixed Content warnings with Amazon Associates

Links & Banners

I verified that adding internal=1 parameter and removing http: from an iframe banner URL will cause it to load securely. I also verified that the clicks are counted (show up in the link Earnings and Link-Type reports.
Important: This does not work for all banner ads. While reviewing the banner ads, this trick will work on any ad that displays without mixed content warnings on the amazon page.

<iframe src="http://rcm-na.amazon-adsystem.com/e/cm?t=tidgubi-20&o=1&p=12&l=ur1&category=mp3&f=ifr&linkID=4ZPJJS7R4IXD5OGO&internal=1" width="300" height="250" scrolling="no" border="0" marginwidth="0" style="border:none;" frameborder="0"></iframe>

I have not been able to figure out a way to make the javascript based Banners load all parts securely.

Secure Widgets

Search


Contextual Recommendations


Omakase

This widget can be secured with some work.

Amazon doesn’t sanitize the amazon_ad_tag parameter, so the &internal=1 trick works for this widget.
Remove "http:" from the script src attribute and update the widget script with:

<script type="text/javascript"><!--
amazon_ad_tag = "tidgubi-20&internal=1"; amazon_ad_width = "728"; amazon_ad_height = "90";//--></script>
<script type="text/javascript" src="http://ir-na.amazon-adsystem.com/s/ads.js"></script>

Partially Secure Widgets

These widgets will load securely; however, they load insecure content if the user hovers over a product and causes a popup to load.

Insecure Widgets

Some quick testing showed the non-mobile friendly widgets use flash. While the flash code is loaded securely, it loads insecure content when executed. Using any of these results in mixed content warnings.