Mixed Content and Responsive Images
If you’ve been dabbling in responsive images, and I highly recommend you should, you might have come across an issue if you’re hosting them on another CDN that isn’t https. Snook explain why, and how you can fix it (tip: it’s pretty obvious, use https).
Images are considered passive content. As a result, browsers will serve them up even though they’re unencrypted. Scripts, on the other hand, are considered active content and, by default, get blocked.
Interestingly, within the spec is this very line: “Return allowed if one or more of the following conditions are met: […] when request’s type is “image”, and initiator is not “imageset”.”
The
An excerpt from Mixed Content and Responsive Imagespictureelement being an imageset, that means that unencrypted images defined in a<picture>orsrcsetwill get blocked.
