Running Discourse v2.2.0.beta7 +110
When people post a new topic and they embed an image by pasting the image URL on a blank line, the image does not appear until some minutes later, when Sidekiq has downloaded the remote image to local (albeit AWS S3).
This only occurs when people paste HTTP URLs to remote images in to their post, all HTTPS images are displaying fine.
Here’s what everyone sees in the minutes before the image is pulled locally:
Firefox 64.0.2 on Windows 7:
Chrome 70.0.3538.102 on Windows 7:
Some steps to replicate…
Start a new topic
Paste a URL to an externally hosted HTTP image (not https)
The image preview appears fine on the right hand side but there is a yellow warning in browser console:
Upon posting the topic, the image also displays fine at first (only to the author of the post) but now there are lots of red and yellow warnings now:
Navigate away from that new post then go back in to it (and/or refresh the page to clear the console too). Image is no longer displayed and there are console warnings and errors in red / yellow about mixed content.
Wait five minutes for the image to be pulled locally and for System user to edit the first post with the new / local image URL and it then displays fine with no warnings.
Again, this only occurs on HTTP image URLs, all https image urls are fine.
ember_jquery.js seems to throw the yellow warnings of “Loading mixed (insecure) display content “
http://www.sebulli.com/Testbildgenerator/testbild.gif” on a secure page”