Buggy resource loading on SSL website

jenss

Hey,

I'm really happy with the theme, but on my https domain, some resources don't properly load under chromes strict mixed-content rule.

https://www.jenssage.com/

The developer console reads:
Mixed Content: The page at 'https://www.jenssage.com/' was loaded over HTTPS, but requested an insecure video 'http://www.jenssage.com/wp-content/uploads/2017/05/run-when-you-can-Broadband-Low.mp4'. This content should also be served over HTTPS.

This occurs for webfonts (woff upload) and videos. In some cases even clicking isn't possible anymore, because a javascript error occurs:
Uncaught DOMException: Failed to execute 'pushState' on 'History': A history state object with URL 'http://www.jenssage.com/run-when-you-can/' cannot be created in a document with origin 'https://www.jenssage.com' and URL 'https://www.jenssage.com/'.
at Function.m.pushState (https://www.jenssage.com/wp-content/themes/lay/frontend/assets/js/vendor-min.js?ver=2.1.5:2:24152)
at HTMLAnchorElement.<anonymous> (https://www.jenssage.com/wp-content/themes/lay/frontend/assets/js/build/build.js?ver=2.1.5:1:11868)
at HTMLBodyElement.dispatch (https://www.jenssage.com/wp-includes/js/jquery/jquery.js?ver=1.12.4:3:12444)
at HTMLBodyElement.r.handle (https://www.jenssage.com/wp-includes/js/jquery/jquery.js?ver=1.12.4:3:9173)

Please fix. I even tried to find and replace all "http://" strings during runtime and replace them with "https://" but that didn't help, I guess there is some javascript magic at work

Thanks
Jens

mariusjopen

Hey Jenss!

Best is if you write an email to armin.unruh@gmail.com and include your username, password and a link to this conversation.

All the best!

Marius