Insecure content from markdown-it-bundle when using https

Recently updated my copy of discourse and noticed this weird little bug in the console that also prevents the preview window from loading.

[blocked] The page at https://domain.com/t/topic/4512/484 was not allowed to run insecure content from http://domain.com/assets/markdown-it-bundle-d1f9395746d57602322789f6d8cdbfcb43f414005bb7a41e18cb6fdbeede9796.js.

Only get this error when accessing the site via https. Accessing the site via regular http eliminates the problem and the preview loads as usual.

Did I miss a recent change somewhere in the setting that I need to adjust so that that particular asset gets loaded over https when connecting via https? All other assets seem to be loading correctly.

If you turn the site setting force_https ON, it should work, can you try that?

Already have that enabled.

If you have that enable how can you access the site via HTTP? :thinking:

1 Like

Adding:

proxy_set_header X-Forwarded-Proto https;

to my outer nginx fixed this by letting discourse know that I needed the https:// assets instead of the https:// ones.

2 Likes