Skip to main content

HTTPS Redirect And Post Editor HTTPS Warnings

Last month, as part of the SSL rollout, Blogger added a page / post / template editor feature - that not everybody understands.

A blog with "HTTPS Redirect" enabled will provide SSL access, for every reader - both those who intentionally use HTTPS, and those who normally use classic "HTTP". Those who normally use "HTTP" will find themselves redirected to "HTTPS" - no choice.

When you use page editor, post editor, or template editor, on a blog which offers "HTTPS" to everybody, you may see an alarming alert.

If you decide to enable "HTTPS Redirect" on your blog, page editor, post editor, and template editor will let you know when you are editing mixed content.

This page contains HTTP resources which may cause mixed content affecting security and user experience if blog is viewed over HTTPS.

When editing pages and posts, on a blog with "HTTPS Redirect" enabled.

Editing your template so it mixes HTTP and HTTPS may affect the security and user experience of your blog when it is viewed over HTTPS. Learn more. Hide warning

And when editing the template, on a blog with "HTTPS Redirect" enabled.

You will have several choices, when encountering the "This page contains HTTP resources ..." / "Editing your template so it mixes HTTP and HTTPS" alert.

  • Change all links to "HTTPS:", using "Fix".
  • Fix each link selectively, and select "Dismiss".
  • Don't change anything, and select "Dismiss".
  • Don't enable "HTTPS Redirect".

Change all links to "HTTPS:", using "Fix".

Select "Fix" - and page / post / template editor will automatically change every "http:" reference to "https:".

You will have broken links, which reference services and websites that do not yet support SSL. You will eventually need to find out what services and websites you link and use, that don't provide SSL - and drop them, or encourage them to upgrade.

Fix each link selectively, and select "Dismiss".

You will have broken links, which reference services and websites that do not yet support SSL. The links that you leave as "HTTP:" will still throw "Mixed Content" warnings.

Don't change anything, and select "Dismiss".

Your blog will throw "Mixed Content" warnings.

Don't enable "HTTPS Redirect".

Let your readers decide how to access the blog. The readers who use HTTPS will see "Mixed Content" warnings.

"Mixed Content" warnings will be around, for a while.

Until all blogs, services, and websites provide SSL, every blog and website that links to or uses those blogs, services, and websites is going to throw "Mixed Content" warnings.

The purpose of the warnings is to let the readers of our blogs know of possible risk.

Hey! This blog has content that may not fully support your need for security!!

That's what the warnings are designed to do. Keep our readers informed, so they can protect themselves.

Not every blog owner knows what to do, when using #Blogger page, post, or template editor, and encountering the Blogger equivalent of a "Mixed Content" alert. Blogs that have the recently added "HTTP Redirect" option enabled will be susceptible to this alert.!category-topic/blogger/SHhkzy1uh8g


Popular posts from this blog

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.

Free Domain Registration By "UNONIC" Is Fraudulent

Blogger blog owners, like everybody else, like to save money.

Some blog owners prefer to save money when registering a custom domain, for their blogs. We've seen several free domain registration services, providing what is claimed to be a two level Top Level Domain "co.xx" (where "xx" == various country codes).

The latest in this ongoing story appears to be "" - and 13 other "top level domains".There is also an additional free service offering third-level .tf domains, under the name United Names Organisation. They occupy 14 second-level domains, including,,, and They are run by the same company as, and are given away as URL redirections.