We're evolving to serve you better! This current forum has transitioned to read-only mode. For new discussions, support, and engagement, we've moved to GitHub Discussions.

Publii native scripts cause Chrome to block website and flag site as insecure

  • #712
    Avatar photo[anonymous]

    Ok, I got past the issues of Publii not syncing the website to s3 by uploading the contents of the Publii’s output folder to s3 with CyberDuck. But now that I have Publii’s files as they are supposed to, I discovered a nasty problem with Publii’s out-of-the box setup:


    So before loading the CSS and the JS, Chrome blocks my website flagging big red bells about the security of Publii’s scripts. So if I click on “load unsafe scripts”, The CSS and the JS loads but then my site’s security grading disappears and people are constantly told the site is insecure despite the certificate:


    So, what’s going on?

    Avatar photo[anonymous]

    This was sent twice, just tried to delete it but one can’t.

    Avatar photo[anonymous]
    This reply has been marked as private.
    Avatar photoBob


    If you refer to the external SVG sprite file it does not work on Chrome or Firefox. The SVG map file must be served from the same domain you set in the server configuration.