Mixed Content
Checks for HTTP resources on HTTPS pages
Checks for HTTP resources on HTTPS pages
| Rule ID | security/mixed-content |
| Category | Security |
| Scope | Per-page |
| Severity | error |
| Weight | 7/10 |
Solution
Mixed content occurs when an HTTPS page loads resources over HTTP, breaking the security chain. Browsers may block these resources. Update all resource URLs to use HTTPS or protocol-relative URLs (//example.com). Check images, scripts, stylesheets, fonts, and iframes. Use Content-Security-Policy: upgrade-insecure-requests to automatically upgrade HTTP to HTTPS.
Enable / Disable
Disable this rule
squirrel.toml
toml[rules]
disable = ["security/mixed-content"]Disable all Security rules
squirrel.toml
toml[rules]
disable = ["security/*"]Enable only this rule
squirrel.toml
toml[rules]
enable = ["security/mixed-content"]
disable = ["*"]