56

This URL: https://slowapi.com

I can't find the insecure content and the Chrome keeps complaining,

Any ideas?

enter image description here

Super Kai - Kazuya Ito
  • 22,221
  • 10
  • 124
  • 129
justyy
  • 5,831
  • 4
  • 40
  • 73

4 Answers4

62

Update the links via adding a meta tag like below

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

Note: This is a hot fix when you update your production from non-ssl to ssl, anyway you have to fix all the links one by one to https.

Bira
  • 4,531
  • 2
  • 27
  • 42
35

"Mixed Content" warnings occur when an HTTPS page is asked to load a resource over HTTP.

This is dangerous because the insecure resources are vulnerable to alteration by an active attacker or eavesdropping by a passive attacker, which violates the user's expectation of security for an HTTPS page.

https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content?hl=en

Alessio Cantarella
  • 5,077
  • 3
  • 27
  • 34
5

You are trying to access via "http" on a "https" site, its best to use "https" content. You shouldn't access insecure data on a secure channel.

Shubham Sharma
  • 119
  • 1
  • 7
  • Sometimes just use 'http' instead of 'https' can solve this issue. – bitristan May 24 '17 at 09:40
  • i call my laravel apis from ionic app that hosted app on index page as application and my server https and i call https but error said please call https i dont know my dokcer use ngnix and how can i configure docker or ngnix https://stackoverflow.com/q/56157129/308578 – saber tabatabaee yazdi May 17 '19 at 14:43
2

I had this error with an iframe to another website. I changed the src from "https://website.com/folder" to "https://website.com/folder/index.php" and for some reason it works.

Guillaume Hirschler
  • 21
  • 1