EarthSystemCoG / COG

COG source code
BSD 3-Clause "New" or "Revised" License

Chrome blocking HTTPS to HTTP download for files (Mixed Content error) #1435

Open tomvothecoder opened 3 years ago

tomvothecoder commented 3 years ago

Describe the bug

Chrome now blocks downloads from secure (HTTPS) to insecure (HTTP) connections. This looks like a new security measure since Safari still works for HTTP downloads.

Mixed Content: The site at 'https://esgf-node.llnl.gov/' was loaded over a secure connection, but the file at 'http://esgf.nci.org.au/thredds/fileServer/replica/CMIP6/DAMIP/CCCma/CanESM5/hist-sol/r10i1p1f1/day/hfss/gn/v20190429/hfss_day_CanESM5_hist-sol_r10i1p1f1_gn_18500101-20201231.nc' was redirected through an insecure connection. This file should be served over HTTPS. This download has been blocked. See https://blog.chromium.org/2020/02/protecting-users-from-insecure.html for more details.

This is affecting both MetaGrid and CoG. https://blog.chromium.org/2020/02/protecting-users-from-insecure.html

To Reproduce

  1. Search for a dataset
  2. Click download via HTTP for a file
  3. Nothing appears; the console shows the error "This download has been blocked"

Expected behavior

Files should download

sashakames commented 3 years ago

It's been revealed that even if we patch CoG to rewrite http URLs as https, users will start seeing certificate (privacy) errors for data nodes that don't use valid certs. While this is not a new issue (with esg-orp redirects for restricted data), it's not a great UI experience.
Firefox still allows a user to "Accept Risk" but other browsers won't allow the download.
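An added example, not part of the thread or the CoG code base: a Python sketch of the triage the comments above imply, which upgrades an HTTP download link to HTTPS only when the data node presents a certificate that validates. The function names, status labels, and the `example.org` hosts are assumptions made for illustration.

```python
import socket
import ssl
from urllib.parse import urlsplit, urlunsplit


def has_valid_cert(host, port=443, timeout=5.0):
    """True if host completes a TLS handshake with a certificate that chains
    to the system trust store and matches the hostname."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True
    except OSError:  # covers ssl.SSLError, timeouts, refused connections
        return False


def triage_download(page_url, file_url, cert_check=has_valid_cert):
    """Classify one download link; returns (status, url_to_serve).

    "ok"             already HTTPS, or the page itself is HTTP (no mixed content)
    "upgrade"        HTTP link on an HTTPS page and the node's cert validates,
                     so the link can be rewritten to https://
    "node-needs-fix" rewriting would swap the blocked download for a
                     certificate error; the data node has to be fixed first
    """
    page, target = urlsplit(page_url), urlsplit(file_url)
    if page.scheme != "https" or target.scheme != "http":
        return "ok", file_url
    host = target.hostname
    # Assumption: an explicit non-default HTTP port has no known HTTPS twin.
    if target.port not in (None, 80) or not cert_check(host):
        return "node-needs-fix", file_url
    upgraded = urlunsplit(("https", host, target.path, target.query, target.fragment))
    return "upgrade", upgraded


if __name__ == "__main__":
    # Constructed sample links and a stubbed certificate check (no network).
    stub = lambda host: host == "good.example.org"
    links = [
        "http://good.example.org/thredds/fileServer/a.nc",
        "http://bad.example.org/thredds/fileServer/b.nc",
        "https://bad.example.org/thredds/fileServer/c.nc",
    ]
    for link in links:
        print(triage_download("https://portal.example.org/", link, stub))
```

Run against an index's real link list with the default `has_valid_cert`, the "node-needs-fix" entries are the data nodes whose certificates need attention before any URL rewrite ships.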