You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Do you need help or have a question? Please come chat in Slack: https://ghost.org/slack 👫. Found a bug? Please fill out the sections below... thank you 👍
Issue Summary
My blog is self-hosted using an https site and I am getting the following warning that is in Chrome. I've replaced my actual domain with in the error message for my personal privacy.
/ghost/#/signin:1 Mixed Content: The page at 'https:///ghost/#/signin' was loaded over HTTPS, but requested an insecure image 'http:///content/images/2018/02/favicon.ico?t=1518474189048'. This content should also be served over HTTPS.
Steps to Reproduce
Configure NGINX as an SSL proxy to ghost
Browse to your personal ghost website /admin and login. After logging in, the lock icon on the browser changes to indicate insecure. Chrome throws the error listed above indicating that favicon.ico is being loaded over http (not https), despite the rest of the content being served as https.
Any other info e.g. Why do you consider this to be a bug? What did you expect to happen instead?
I would expect favicon.ico to be served over https like all of the rest of the data.
Technical details:
Ghost Version: 1.21.1
Node Version: 6.11.2
Browser/OS: FireFox and Chrome on OpenBSD
Database: sqlite
The text was updated successfully, but these errors were encountered:
@mattschwartz03 you need to adjust Ghost's urlconfig value to also be https. If you need support please use our Slack channel rather than opening GitHub issues - we use GitHub solely for bug tracking and on-going feature work and do not offer support here, thanks!
Welcome to Ghost's GitHub repo! 👋🎉
Do you need help or have a question? Please come chat in Slack: https://ghost.org/slack 👫. Found a bug? Please fill out the sections below... thank you 👍
Issue Summary
My blog is self-hosted using an https site and I am getting the following warning that is in Chrome. I've replaced my actual domain with in the error message for my personal privacy.
/ghost/#/signin:1 Mixed Content: The page at 'https:///ghost/#/signin' was loaded over HTTPS, but requested an insecure image 'http:///content/images/2018/02/favicon.ico?t=1518474189048'. This content should also be served over HTTPS.
Steps to Reproduce
Any other info e.g. Why do you consider this to be a bug? What did you expect to happen instead?
I would expect favicon.ico to be served over https like all of the rest of the data.
Technical details:
The text was updated successfully, but these errors were encountered: