Fix the Mixed Content mess in XHR Requests (#165)

BigBlueHat · dlongley · commit 0a7b8ba26b2d · 2017-01-20T09:38:01.000-05:00
Using https://www.w3.org/TR/upgrade-insecure-requests/ Added to the two browser-based document loaders: jquery & xhr
diff --git a/js/jsonld.js b/js/jsonld.js
@@ -1687,7 +1687,8 @@ jsonld.documentLoaders.jquery = function($, options) {
       },
       // ensure Accept header is very specific for JSON-LD/JSON
       headers: {
-        'Accept': 'application/ld+json, application/json'
+        'Accept': 'application/ld+json, application/json',
+        'Upgrade-Insecure-Requests': '1'
       },
       dataType: 'json',
       crossDomain: true,
@@ -1964,6 +1965,7 @@ jsonld.documentLoaders.xhr = function(options) {
         {contextUrl: null, documentUrl: url, document: null});
     };
     req.open('GET', url, true);
+    req.setRequestHeader('Upgrade-Insecure-Requests', '1');
     req.setRequestHeader('Accept', 'application/ld+json, application/json');
     req.send();
   }
