medium

Mixed Content: Insecure resource requested

HTTPS page loading resources over HTTP. Modern browsers block mixed content.

Common Causes

  1. 1Hardcoded HTTP URLs
  2. 2Third-party scripts over HTTP
  3. 3CDN not configured for HTTPS

How to Fix

Add CSP upgrade header

Content-Security-Policy: upgrade-insecure-requests

Automatically upgrades HTTP requests to HTTPS.

How ObserveOne Helps

Third-party assets are the usual source of mixed content, and they break silently when the provider changes. Monitoring the asset and API URLs your pages depend on with ObserveOne catches a vanished resource before it breaks the page.

Start Monitoring Free

Related Errors