HTTPS support on external resources
Opened this issue · 0 comments
shichao-an commented
I'm preparing to host my blog with HTTPS, but I got warning in Chrome console:
Mixed Content: The page at XXX was loaded over HTTPS, but requested an insecure script XXXX. This request has been blocked; the content must be served over HTTPS.
With a quick look, I found the disqus is by default http (as indicated here at disqus.js). Besides, if using custom CSS, after build, there will be a flat.css
in the resulting html/_static/flat.css
that has the following http url:
@import url(https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic);
@import url(https://fonts.googleapis.com/css?family=Source+Code+Pro);body { font-family: 'PT Sans', Helvetica, Arial, sans-serif; }
although I explicitly set https in my primary custom css file at _static/style.css
as follows:
@import url('https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,400italic,500,600');
I have to manually edit the built HTML files before pushing to GitHub Pages.
I was looking forward to a new feature that includes https.