If your COS Website is set up using SSL (HTTPS), assets being loaded over HTTP will be blocked from loading by your browser. HubSpot automatically ensures that all HubSpot-hosted resources are protocol-less to ensure that they load without issue; however, if you are loading assets from an external server via HTTP the asset will not load, once SSL is enabled.
To resolve mixed content warnings for resources loaded from a non-HubSpot domains, use the HTTPS version of the URL, if possible. If the external site does not support HTTPS requests, you will need to contact that domain's admin to see if they can make their content available over HTTPS. As an alternative, if the source file does not support HTTPS, upload the asset to HubSpot's File Manager, and reference that URL instead.
References in stylesheets or scripts
One of the most common sources of mixed content warnings are non-HubSpot hosted files in your site's stylesheet.
- @font-face references that load externally-hosted fonts
- Background image urls
- @imports of external stylesheets
Additionally, if you are using custom scripts that reference any external assets, you will want to update those files as well.
Scripts and stylesheets
If you are attaching external stylesheets to the <head> or footer of your site, your template, or your page, you will need to ensure that these files support HTTPS requests. These references can be added to HubSpot in the following locations:
- Content > Content Settings > Page Publishing > Site Header HTML or Site Footer HTML*
- Content > Content Settings > Blog > Header HTML for Blog Listing Pages
- Content > Design Manager > Template > Edit > Edit Head or HTML module in global footer
- Page editor > Options > Edit Head HTML or Edit Footer HTML
*Note that global site settings can be domain specific, so you may need to select the domain at the top of Page Publishing settings.
If you have images in your content that load off external URLs, you will want to try making their src attributes to be HTTPS.
If HTTPS is not supported by the external server, you can upload those images to HubSpot's File Manager. You can learn more about uploading assets to File Manager, in this article.
Assets hosted on cdn1.hubspot.com do not support HTTPS requests. To resolve this issue, locate the file in File Manager and clone it. After cloning the file, copy the new file URL and update the reference.
Use relative URLs
Check to see if your assets and images are using relative URLs instead, such as "//www.mysite.com/myimage.png" or "//www.mysite.com/my-asset-location".
Relative URLs don't use protocols (don't have "http" or "https") and will load under whichever protocol is set.