Site requesting via insecure URLs


#1

The site is sometimes trying to fetch stuff http via instead of https, including javascript code. This causes chrome to not load (for example) the post preview script by default. This is what the console says on this form page:

Mixed Content: The page at ‘https://forum.photonic3d.com/c/site-feedback’ was loaded over HTTPS, but _ember_jquery-a8dcbd325e04410f036f2a791d66d8316c48c5387acdd914de99a5dd6afb3cd3.js:9248 requested an insecure script ‘http://forum.photonic3d.com/assets/markdown-it-bundle-91aeb6600f2162d2794f12418867fef862f49ea60a788ebe93b131e36535bd08.js’. This content should also be served over HTTPS.

This is what the console says for the main Docs page:

Mixed Content: The page at ‘https://wiki.photonic3d.com/doku.php’ was loaded over HTTPS, but doku.php:30 requested an insecure stylesheet ‘http://fonts.googleapis.com/css?family=Lato’. This content should also be served over HTTPS.
Mixed Content: The page at ‘https://wiki.photonic3d.com/doku.php’ was loaded over HTTPS, but 2js.php?t=codowik&tseed=…:3 requested an insecure font ‘http://fonts.gstatic.com/s/lato/v13/UyBMtLsHKBKXelqf4x7VRQ.woff2’. This content should also be served over HTTPS.
Mixed Content: The page at ‘https://wiki.photonic3d.com/doku.php’ was loaded over HTTPS, but js.php?t=codowik&tseed=…:3 requested an insecure font ‘http://fonts.gstatic.com/s/lato/v13/1YwB1sO8YE1Lyjf12WNiUA.woff2’. This content should also be served over HTTPS.

I’m not an expert, but it sounds like a server misconfiguration?