Page loaded over HTTPS, but requested an insecure font — but all links are HTTPS
UPDATE: Managed to finally solve it after a lot of testing and tinkering.
First; my fonts folder had a .htaccess rule to prevent downloading (license demanded it) from any other origin than the site itself. One of the RewriteRule had HTTP instead of HTTPS:
RewriteEngine OnRewriteCond %{HTTP_REFERER} !^http://(www\.)?mypage\.net/ [NC]RewriteCond %{REQUEST_URI} !hotlink\.(ttf|otf|woff|woff2|eot) [NC]RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]RewriteRule .*\.(ttf|otf|woff|woff2|eot)$ http://www.mypage.net/ [NC] ^^^^^I fixed that to HTTPS and then it changed to a different error:
Failed to decode downloaded font: https://mypage.net/fonts/font.woffOTS parsing error: invalid version tag
To fix this I had to make sure my fonts had deep font support, which it had, and then I read somewhere that it could be solved by adding version to the link (?v=x), e.g.:
src: url('https://mypage.net/fonts/font.woff?v=1') format('woff');
This worked on .woff, .woff2 and .eot, but not .ttf for some reason. Adding version extension on .ttf would give me 404. I actually also at one point encountered that it plain gave me 404 without the extension. I went out on a limb and moved the src: url('…'); containing the .ttf from the bottom to the top and that solved both errors somehow.
At this point it didn't give me errors, but now it simply didn't load the font. It changed to the fallback. After random searching I found that the custom fonts uploaded via plugin (ProPhoto6 — they only allow X amount of uploaded custom fonts, which is dumb) had a different read/write permission. I changed the permissions to the value that all the fonts I use had (fonts uploaded by ProPhoto and was being used); 0666 (had 0644). That finally made it load without errors.