ShipScript has been an eBay Community volunteer since 2003, specializing in HTML, CSS, Scripts, Photos, Active Content, Technical Solutions, and online Seller Tools.
That listing shows the button when I go to it directly.
https://www.ebay.com/itm/382220443264
I scanned that listing here
http://www.isdntek.com/ebaytools/ActiveContentSandbox.htm?382220443264
and the "Markup" tab shows that it does indeed contain non-secure images that are hosted by ChannelAdvisor. So that seller's other items are also very likely to be shown one-click-away.
The confusing part is why you saw the whole listing originally, and not later. My guess is that you saved it before the full enforcement was implemented across all pages. Unfortunately, I was not paying close enough attention to notice how the enforcement was being staged.
For product related photos in the description, upload to eBay and then use those eBay-hosted photos in your description.
If you need help extracting the eBay photos in a single listing, this tool will display the largest version available for each eBay photo.
http://www.isdntek.com/ebaytools/ShowLargestListingPhoto.htm
Or use this tool to display all those eBay photos at the different sizes that eBay hosts so that you can pick out the sizes you want.
http://www.isdntek.com/ebaytools/CaptureThumbsFromListing.htm
For icons unrelated to the product, these free hosting sites have been suggested by other forum posters. I have not evaluated them:
http://www.sslpic.com free hosting of secure logos.
Their Secure image hosting is intended for icons and logos, not product photos. Here are the limitations:
• GIF or JPG file only.
• Filesize not more than 50 KB. <-- this is quite small
• Width not more than 750 pixels.
• Height not more than 90 pixels.
https://httpsimage.com free hosting of https images.
If there are any limitations, they have not yet been posted on the site.
eBay has already told us that stores won't be made secure in the near term, and my presumption is that is due to custom old-style stores coexisting with stores in the new format. I think eBay could add the secure protocol to new stores with no ill effect, but older stores with user-hosted custom content would be much trickier, and would require a major effort on the part of those sellers to bring their stores into SSL compliance.
Additionally, based on one of the seller updates where eBay advised sellers to put no more effort into store designs, I think eBay is probably trying to add more features to the new format in order to ultimately retire the old format. It might be a wasted effort for eBay to try to split delivery of new secure stores from delivery of old non-secure stores if the old store format would be retiring anyway.
"We highly recommend that sellers discontinue any investment in a custom html stores experience since this option will not be supported long term. We will provide additional information to let you know when active content will no longer be permitted in store pages in 2017."
Nonetheless, if the timeline is a long way out, maybe a split delivery is something eBay would be considering if secure stores seem to be in high demand. @sandyoutlet
@ambleoutdoorsusa wrote:The store editing (Mange My Store) URL also shows as NOT SECURE in Chrome.
Nothing has changed with store editing except the Chrome browser. You can continue to use the Store Manager as before with the only difference being that your browser will put a warning there.
Editing your store is just as secure as it has always been. If you are not giving up any vital information like passwords, personal info, or login credentials, it really does not matter that you are transmitting your store choices over a non-secure connection. A lot of the data passed will be things like your logo, your store summary text, and category naming. Not much there to worry about.
The https protocol will only protect the transmission of that data by encryption. It has nothing at all to do with the security of the server or the secuity of your own computer.
Remember, it is only the Chrome browser that has changed and is nagging you to send your logo or category choices over a secure encrypted connection. A user can enter and transmit any sort of data, and the browser can not differentiate between important data like personal info and ho-hum housekeeping like store summary or category names, so the browser flags all text input fields as "important", even when they are not.
@etvideo1ataol wrote:Now, I am getting the HTTP/HTTPS warning and I have no idea what they are talking about and for something so important, they might tell me just what needs to be removed and not have me guess.
Also, a hint as to what the difference between HTTP and HTTPS is?
In the very first post of this thread is a link that explains the difference between http and https and why ebay is asking sellers to make the change.
http://pages.ebay.com/seller-center/listing/browser-security-standards.html
The "s" at the end of the http data transfer protocol stands for "secure". It means that the connection between your browser and the destination server will be encrypted so that any data that passes over that connection will be secure and not easily wire-tapped.
Listings don't really need to be delivered over a secure connection, but eBay's move is a reaction to new browser requirements levied by Chrome and other browsers.
eBay's response is a two step issue:
First, because the listing is a shopping page with a search box and data entry fields, the browsers will automatically alert buyers that "your connection is not secure" when the page loads. eBay's response to that buyer turn-off is to deliver secure pages so that the happy green padlock appears without an alert.
But the second step involves the seller directly. Even though eBay's page is now secure, if your description embeds content like images, videos, or stylesheets that are not hosted over a secure connection, the browser may block your description entirely. To prevent that unhappy situation, eBay asks that you convert all your http URLs to https if your server supports that change. If you can't make that change immediately, of if your content host does not support https, then eBay's answer to the blocked description is to remove it from the secure page. Instead, eBay will deliver the description one-click-away as a non-secure page that has no search box or other data entry fields to trigger the browser alert.
Now, to your question of what needs to be fixed.
I bulk scanned your listings here and can see that all of your listings have issues of links to non-eBay pages and images using the older http protocol:
http://www.isdntek.com/ebaytools/ActiveContentScanner.htm
In clicking the EXAMINE button for one of those listings, the Markup tab shows me that your photobucket images are not secure.
http://www.isdntek.com/ebaytools/ActiveContentSandbox.htm?372118785919
Photobucket now supports https, so you can can simply use eBay's bulk edit tool to fix that issue. You can start with this list:
https://www.ebay.com/sh/lst/active/http-content
Find:
http:
Replace with
https:
For help with the non-eBay links, ask me over on the Active Content forum and I can walk you through those. I think they are all going to be Links added by Photobucket and we have a few different fixes for those.
https://community.ebay.com/t5/Replacing-Active-Content/bd-p/activecontent
@902ricky wrote:i don't see how that has anything to do with being secure. as it is now i clicked a few times on the full description and was redirected to a completely new page. how is that secure ?
The browser is looking for data entry fields (eBay has a search box, zip input, quantity input, and other data entry fields). If a browser finds such fields, it expects all data on the page to be transmitted over an encrypted connection. The connection won't be secure if some of the content on a "secure" page is pulled in from an external site over a non-encrypted connection.
Thus when you have content that is "not secure", eBay will kick your content out of its secure page so that the data transmitted by eBay's part of the page will remain secure. It does not matter that your description is transmitted over a non-secure connection, just as long as it is not part of eBay's page and as long as there are no data entry fields in your description to be compromised.
