Check for Secure Content References in HTML

STEP 1: Open your web editor and inspect your pages for every component type listed in the table below. For example, search the text of the code for the less-than sign and first word, for example <img.

Note: You can ignore any components that begin with the code “<a href="URL">”, since those hyperlinks point not to an object within the page, but to another web page entirely, and are not relevant to the changes you’re making.

STEP 2: Once you locate a place where a URL is being specified in the code, make sure it does not specify “http:” at the beginning. If it does, simply remove that part.

For example, if the URL looks something like the following:
http://www.lehigh.edu/~inabc/section/images/newsitem.jpg

change it to:
//www.lehigh.edu/~inabc/section/images/newsitem.jpg

If there is no “http:”, leave the URL exactly as it is. For example, the following URLs do not need to be changed:
/~inabc/section/images/newsitem.jpg
images/newsitem.jpg

Repeat steps 1 and 2 for every occurrence of any of the specified components in the file.

STEP 3: Re-publish your web page(s) after you’ve made your changes. The process is considered complete (for any given page) in the absence of any security errors or messages in the web browser or the browser console.

In addition to using the browser's built-in console, there are a few security-check tools that may help you identify and fix mixed-mode problems:

• https://www.whynopadlock.com/
• https://httpschecker.net/
• https://www.jitbit.com/sslcheck/