Sign in

Publii native scripts cause Chrome to block website and flag site as insecure

#718
luismorais

Just found out what the issue could be. It seems there is an issue with mixed content in which certain links are called as https and others as http.

I just checked the server configuration again and realised that http and not https is set by default for Amazon s3. Perhaps https could be set by default for s3. Another thing that threw me off was the use of absolute paths, until then I never really cared as I just assumed relative paths would be used.

Despite the change to https which solved the warnings for http://www.cognitive-patterns.com, I m still getting warnings for the s3 url:

index.html:formatted:1 Unsafe attempt to load URL https://www.cognitive-patterns.com/assets/svg/svg-map.svg from frame with URL https://s3.eu-west-2.amazonaws.com/www.cognitive-patterns.com/index.html. Domains, protocols and ports must match.

I also tried to set links to relative path and strangely for the s3.eu… url, the images didn’t load.