I'm working on an app that will be using https, but we wanted to be able to use the google search api. They do not have an https version available, so it causes the browser to display an insecure warning dialog. It was suggested that we could dynamically load the script after initial load to avoid the warning. I didn't think that would work. I can try if nobody knows, but I thought it would be faster to just ask.
+2
A:
Should this even be done? A alert is displayed for a reason, why trick the user into believing their data is secure when you're sending things plain text through google search?
To me it seems like an abuse of user trust, and is bad practice.
Ian Elliott
2009-06-30 18:29:49
I actually completely agree with you, but nevertheless would like to know the answer in case our alternatives do not work out.
Russell Leggett
2009-06-30 18:39:51