2.9.2.4. Mixed content
Important points:
- Mixed content is not associated with the SSL certificate used.
- Setting up a redirect to HTTP / HTTPS will not solve the problem of mixed content (since it does not change the protocol in the links on the pages of the site), manipulations with the site itself are necessary.
Pages with mixed content (mixed content) are site pages opened via the HTTPS protocol, some elements of which (for example, styles, scripts, images) are requested via links with the HTTP protocol. The browser marks such pages as unprotected or incompletely protected and may block the loading of such elements. As a result, the site may be displayed or work incorrectly.
You can view information about the presence of mixed content on the current page of the site in developer tools in the browser. The toolbar is opened by pressing the key F12 or a combination Ctrl+Shift+C... Information is displayed in tabs Console and Security:
To rectify the situation, it is necessary to replace the HTTP protocol with HTTPS in all links on the site. Depending on the internal structure of the site and the used CMS, different actions may be required:
- Checking the correctness of the SSL settings directly in the used CMS.
- Using specialized plugins CMS.
- Search and replace the protocol manually in the site files and / or its database.