The target application was found to request resources over insecure transport protocols (HTTP). This is usually due to HTML
elements which load resources using the
http:// scheme instead of
https://. It should be noted that most modern browsers
block these requests automatically so there is limited risk.
Some parts of the application may not behave correctly since these files are not being properly loaded.
https:// scheme instead of
http://. Alternatively, developers may use the
// scheme, which will only load resources
over the same protocol that the originating page was loaded.
A browser visiting the website
https://example.com with the HTML loading a file using
<script src="//example.com/cdn/bundle.js"></script>, would ensure the
example.com/cdn/bundle.js file was loaded over