https mixed content warning only on page reload in chrome
I'm working on a test site (not publicly accessible).
It has a valid certificate and when I visit a certain page it shows as secure in chrome...
When I refresh the same page, it shows the security info i icon.
On the security tab in dev tools it says there's mixed content (no other issues)
When I reload the page with the security tab enabled there are no mixed content issues.
The page always shows secure in Firefox.
Does anyone know what causes chrome to show the security info icon, only on reload, and not when the dev tools are open?
I've found a page on another website where this is happening...
https://www.volkswagen.co.uk/financeCalculator/generateDefaultCalculation?modelId=1997
- If you go to that link ^^^
- It shows secure
- Hit refresh
- It shows insecure
- Open dev tools security tab
- It says it's got mixed content
- Refresh to get details of mixed content
- Page shows as secure.
The VW page you linked to does serve its favicon over http which is the reason for Chrome showing the security info icon.
