Some time ago, I opened a question to the forum about icons not loading, and the reason for this had to do with the content being called through HTTP as opposed to HTTPS.
Today I was mucking around learning about tachyon hovers , which uses this example:
<a href="#" class="link black dim db mw5 pa2 br2 ba b--black-10 shadow-1">
<img src="http://mrmrs.github.io/photos/037.jpg" alt="SF at night" class="db mb2 mw-100" />
<span class="db f6 pv2">Card title</span>
</a>
Much to my surprise, the image loaded immediately via HTTP!
Is this a recent change? And will HTTP images continue to be supported?
Nothing has changed here. I suggest you refer to the Mixed Content specification on how browsers handle HTTP requests from HTTPS origins:
https://w3c.github.io/webappsec-mixed-content/#categories
If you want to show an image that’s hosted on an HTTP-only website and avoid mixed content, you could download and attach that image to your notebook as a file.
1 Like
Thanks for the reference! Lots in there to get my head around.
I was surprised to see the image loading at all, as I was under the impression that anything with an HTTP prefix would be blocked. I had no idea the browser specifications were so nuanced.
