Unless something has changed recently a link to an insecure site won’t trigger a mixed content error.
Mixed content errors refer to the assets which make up the page. If your site is https but loads assets from an insecure source then you would be serving mixed content.
Force_https refers to your discourse site and internal links within it.
A link on a new line oneboxes, rather than just being a link. To do that the link has to be ”loaded” and the default document at the destination is inspected. If the site uses https over http that redirect would take place.
Like @Stephen , I think you might be focussing on the wrong part. As far as I know, having a <a href="http... link will not trigger the mixed content warnings.
This error should only be triggered by embedding non-https content into your https site. So loading external images could be a culprit, or embedding a third party script, something in a theme maybe?
Probably good to dive deeper into the browser console and see what triggers the error
Let me explain. We have many users who type in our domain name in forum replies. We also embed forum replies on the main site so now I have some HTTP internal links instead of HTTPS. It’s not a big issue, but if I could make these HTTPS as well, that would be nice.
This is correct, it doesn’t trigger a mixed content warning
Is there anything I can do? Besides monitoring replies and perhaps writing a script to update URLS