javascriptjscript

A parser-blocking, cross site (i.e. different eTLD+1) script, is invoked via document.write warning


When I look at my site's console, I see in Chrome the following warning:

A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.trust-
provider.com/trustlogo/javascript/trustlogo.js, is invoked via document.write. 
The network request for this script MAY be blocked by the browser in this or a 
future page load due to poor network connectivity. If blocked in this page load, 
it will be confirmed in a subsequent console message. See
 https://www.chromestatus.com/feature/5718547946799104 for more details.

What is triggering this is the Sectigo's trust logo. You can see this warning on their site too.

Also I am using the same code as they have offered on their site in my page:

<script type="text/javascript"> //<![CDATA[
  var tlJsHost = ((window.location.protocol == "https:") ? "https://secure.trust-provider.com/" : "http://www.trustlogo.com/");
  document.write(unescape("%3Cscript src='" + tlJsHost + "trustlogo/javascript/trustlogo.js' type='text/javascript'%3E%3C/script%3E"));
//]]></script>
<script language="JavaScript" type="text/javascript">
  TrustLogo("https://sectigo.com/images/seals/sectigo_trust_seal_lg_2x.png", "SECEV", "none");
</script>

Can anyone help please to fix this warning? Thank you.


Solution

  • Instead of invoking the script using document.write try to include it normally :

    <script type='text/javascript' src='https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js'></script>
    
    <script type='text/javascript'>
      TrustLogo("https://sectigo.com/images/seals/sectigo_trust_seal_lg_2x.png", "SECEV", "none");
    </script>