Surprisingly, some major websites only have SSL for the checkout process.
I was investigating datasets at DataProvider this morning and searched for large e-commerce sites that don’t have SSL. I was surprised to see some big names on the list.
Some sites have SSL, but only during the checkout process.
For example, if you go to gap.com you will not be on SSL. When it’s time to check out you are sent to secure-www.gap.com, which does have SSL.
Similarly for HomeDepot, the checkout process is on secure2.homedepot.com.
Neither https://gap.com nor https://homedepot.com resolves.
While it might not be a huge deal to lack SSL when you aren’t submitting passwords and payment information, both of these sites have form fields on non-SSL URLs. Next month Chrome will start showing a security message when someone starts typing in these fields. I’m not sure if this will include the search field, but it will certainly include email opt-in forms and this contact page.
Brookstone.com is another site that has SSL issues. https://www.brookstone.com works, but it doesn’t work if you don’t type the www. Also, visiting http://brookstone.com doesn’t forward you to the SSL version. You only see an SSL when you’re in the cart.
Even there, I went to a checkout page this morning that looks like this:
Although the URL for this page is https://, Google gives a warning that says “Your connection to this site is not fully secure” and warns you to not enter a password.
© DomainNameWire.com 2017. This is copyrighted content. Domain Name Wire full-text RSS feeds are made available for personal use only, and may not be published on any site without permission. If you see this message on a website, contact copyright (at) domainnamewire.com.
Latest domain news at DNW.com: Domain Name Wire.
The post Gap.com and HomeDepot.com lack full SSL appeared first on Domain Name Wire | Domain Name News & Website Stuff.
No related posts.
Go to Source
Author: Andrew Allemann