How to fix “insecure content was loaded over HTTPS, but requested an insecure resource”

Question

This URL: https://steakovercooked.com/wedding/schedule-wedding-ceremony/

I can\'t find the insecure content and the Chrome keeps complaining,

Any ideas?

Answer 1

Update the links via adding a meta tag like below

<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

Note: This is a hot fix when you update your production from non-ssl to ssl, anyway you have to fix all the links one by one to https.

Answer 2

"Mixed Content" warnings occur when an HTTPS page is asked to load a resource over HTTP.

This is dangerous because the insecure resources are vulnerable to alteration by an active attacker or eavesdropping by a passive attacker, which violates the user's expectation of security for an HTTPS page.

https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content?hl=en

Answer 3

You are trying to access via "http" on a "https" site, its best to use "https" content. You shouldn't access insecure data on a secure channel.