Mixed content: page at https was loaded over https but requested an insecure
Take a look into your .js
file, make sure that you are using the right ajax URL (//your_site.com/handler
, instead of http://your_site.com/handler
), for instance:
$.ajax({url:'//your_site.com/handler',dataType:'json',type:'get',success: function(data){...},complete:function(xhr, textStatus){...}});
Mixed Content is a security policy employed by current browsers, and its goal is to prevent leaking information fetched over "secure" HTTPS to non-secure contexts. Therefore, a site served with HTTPS must use HTTPS or other TLS-enabled protocols to fetch content.
The URI prefix for Websockets over TLS is wss
, and for plain Websockets ws
. At least Chromium and Firefox consider https
+ws
mixed content, and deny such setting - therefore wss
should be used as the URI prefix in secure/HTTPS contexts instead of ws
.