The content must be served over HTTPS. #1204
Description
Mixed Content: The page at 'https://mydomain/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://updates.archipelproject.org/'. This request has been blocked; the content must be served over HTTPS.
Refused to frame 'http://welcome.archipelproject.org/?lang=en' because it violates the following Content Security Policy directive: "default-src https:". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.