HTTPS/HTTP mixed content

HTTPS/HTTP mixed content Description & How to Fix

Issue details

Mixed content occurs when initial HTML is loaded over a secure HTTPS connection, but resource files (images, CSS, or JS) are loaded over an insecure HTTP connection.

A warning about this will be shown in modern browsers to inform users about the insecure resources on a page.

Mixed content degrades the security and user experience of your HTTPS site.

How to fix

Make sure all the resources on your web pages are loaded over a secure HTTPS connection. If the resource is available over HTTPS, you can simply link to its HTTPS version. Otherwise, you should:

  • Include the resource from a different host, if one is available.
  • Download and host the content on your site directly, if you are legally allowed to do so.
  • Exclude the resource from your site altogether.