Skip to main content
Google Chrome Blocking Mixed Content

Learn how Google Chrome browser updates block non-secure images.

Updated over 2 years ago

Google Chrome permanently updated settings in the web browser to block mixed media on secure webpages. Blocking mixed media content will ensure that secure HTTPS webpages will only download secure files. Non-secure images and other media referenced as HTTP may appear blocked on secure HTTPS websites. Chrome will auto-upgrade media to HTTPS, however if there's not a security cert available where the media is hosted, the image will fail to load.

Not Secure

http://www.mysite.com/image.jpg

Secure

https://www.mysite.com/image.jpg

When authoring Emails and Popups, you will be warned about any non-secure images in the content of the campaign that should be updated.

Keep the tips below in mind if updating images that could not be automatically updated and as you upload images going forward.

  • Upload images to the Listrak Media Library. The Listrak Media Library hosts images securely and can be used in any campaigns, including email, SMS messages, popups, and forms.

  • If you're hosting images externally, ensure the image hosting service has a security cert and can deliver images securely. Replace any image URLs that reference HTTP to HTTPS. If the secure image doesn't load, the location where the image is hosted is likely missing a security cert. Contact your hosting service or IT team to secure file hosting.

  • In some situations, image URLs may be requested with HTTPS but then redirect to a non-secure URL. Contact your IT team to resolve this redirect issue.

  • Update external code such as boilerplates and templates for emails, popups, and forms to prevent non-secure images from continuing to be used in future campaigns.

Images won't be blocked in several webmail inboxes that cache images on their own servers including Gmail, Outlook.com, and Yahoo. However, if a contact clicks the view in browser link, non-secure images may be blocked when using Google Chrome.

While other browsers don't require these security measures yet, this update is largely considered to be positive and many expect other browsers will follow suit.

Did this answer your question?