upgrade-insecure-requests directive works but a warning is displayed anyway
I'm loading external content on my web site and I have no control on this content.
My web site is served over HTTPS but some of the external URLs use HTTP.
So I added the upgrade-insecure-requests policy.
This works and I can see in the Chrome DevTools that all external resources are served over HTTPS.
But recently I started getting this warning:
Also, when such content is loaded, the little padlock on the left of the address bar is removed.
Is this warning only there to tell me "hey, I did my job but you should do something about those insecure URLs" or is there something else I'm missing?
NOTE: It works as expected with Firefox: HTTP becomes HTTPS, no warning and the padlock remains.
I seems that it was a false alarm from Chrome since this warning has disappeared.