Documentation website is HTTPS but loads some content over HTTP

Issue #9724 resolved
J. Lewis Muir
created an issue

The Bitbucket Documentation is hosted via HTTPS, but it seems that some content is loaded over HTTP. The result is that various browsers display a warning icon or other indication that the website is not secure. A brief look at what is being loaded over HTTP shows an HTTP request to, but I didn't look thoroughly; there may be others.

In Google Chrome, the secure icon in the address bar has a warning overlay badge and a detail message saying, "Your connection to is encrypted with 128-bit encryption. However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page."

In Safari, no secure connection icon and company name is shown in the address bar.

In Firefox, no secure connection icon is shown in the address bar; instead it shows a warning icon and a detail message saying, "This website does not supply identity information. The connection to this website is not fully secure because it contains unencrypted elements (such as images)."

Comments (3)

  1. Log in to comment