I am getting this error in the browser console:
Mixed Content: The page at 'https://async-java.github.io' was loaded over HTTPS, but requested an insecure resource 'http://async-java.github.io/v/0.1.2/'. This request has been blocked; the content must be served over HTTPS.
my iframe is being loaded with:
<iframe id="main-iframe" src="v/0.1.2" width="100%" height="100%"></iframe>
is there some way to force it to use https without having to use an absolute URL? The relative url is a lot more convenient because it works for localhost etc.
I found this answer, it says to use:
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
which worked for this use case. For more info see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests