"only secure content displayed" error - font issue

[Roaddoctor]

Hi - small problem, just activated SSL on new 2.3.3.4 shop and I'm getting Only secure content is displayed error on https pages. I've determined it is these three lines in template.top <head>

 

<!-- add custom google font files if you want -->
<link href='http://fonts.googleapis.com/css?family=Roboto:400,300,700' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Lato:300,400,700' rel='stylesheet' type='text/css'>
<link href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.0.3/css/font-awesome.min.css" rel="stylesheet">

 

How should I alter that to eliminate the secure content issue?

 

Thank you

[burt]

Remove http: from the first two lines.

[Roaddoctor]

-doh-

 

Thank you Burt !

@@burt

[MrPhil]

This piques my curiosity. Is it standard browser behavior to accept a URL beginning with // (no protocol given)? Does the browser insert http: or https:, depending on what the page is? I've never heard of this before. It sounds silly to force something like grabbing a CSS file to be done in https, or does it actually do it in http and silence any warnings about insecure content?

[burt]

@@MrPhil if there is no declared http or https on an external link then;

 

if on http:// the script is also called http

if on https:// the script is also called https

 

One has to be careful that there is an available script on both http and https externally!

[Roaddoctor]

just out of curiosity, what's proper here.. single quotes or double quotes

<link href='//fonts.googleapis.com/css?family=Roboto:400,300,700' rel='stylesheet' type='text/css'>
<link href='//fonts.googleapis.com/css?family=Lato:300,400,700' rel='stylesheet' type='text/css'>
<link href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.0.3/css/font-awesome.min.css" rel="stylesheet">

 

I'm guessing double quotes and the first two lines ore technically wrong; or it don't matter?

[burt]

http://www.w3.org/TR/html4/intro/sgmltut.html#h-3.2.2

 

By default, SGML requires that all attribute values be delimited using either double quotation marks (ASCII decimal 34) or single quotation marks (ASCII decimal 39). Single quote marks can be included within the attribute value when the value is delimited by double quote marks, and vice versa. Authors may also use numeric character references to represent double quotes (") and single quotes ('). For double quotes authors can also use the character entity reference ".

 

I personally prefer double quotes.

[MrPhil]

' or " can be used in HTML tags, so long as you use the same delimiter at both ends of a string literal. In PHP, C, and other languages, there is a distinction between ' and ", so don't get confused. One thing you have to be careful about is that in PHP code to produce HTML output, an echo command is customarily used with ' delimiters, meaning that within that string you would either use " or escaped-' (\'). If you're simply writing HTML outside of a PHP block (<?php...?>), you can use whichever one (' or ") you feel like, but you should try to be consistent to minimize future confusion when reading your code.