Mixed content in the Alpha Church demo on the Hugo website

[onedrawingperday]

Hello @funkydan2 and Happy New Year!

I recently reviewed the deploy log of the Hugo Themes website and it seems that you have some insecure http:// URLs that are throwing warnings:

Here is the tentative list from the Netlify log:

In theme/alpha-church/posts/image-content/index.html:

Insecure img urls:
    http://via.placeholder.com/600x200
    http://via.placeholder.com/600x300
    http://via.placeholder.com/300x400#float-right
    http://via.placeholder.com/300x400#float-left
    http://via.placeholder.com/300x400

In theme/alpha-church/sermons/institutes-2-11/index.html:

Insecure source urls:
    http://ia801403.us.archive.org/29/items/institutes_christian_religion2_1003_librivox/institutesofchristianreligion2_11_calvin_64kb.mp3

In theme/alpha-church/sermons/table-talk-word-of-god-i/index.html:

Insecure source urls:
    http://www.archive.org/download/table_talk_martin_luther_1801_librivox/tabletalk_05_luther_128kb.mp3

Also here is the search results page for the string http:// from your theme's repo. Some of the results do not apply but I noticed that there are a couple of more insecure assets than the ones mentioned above.

In most cases this is simply a matter of replacing http with https for example http://via.placeholder.com/600x200 is also available under https://via.placeholder.com/600x200

Can you please look into the above and let me know?

Thanks.

[funkydan2]

Thanks @onedrawingperday

I've reviewed the code and removed almost all the references to http - except for when they're in text, or when they refer to the hugo server (http://localhost:1313).

[onedrawingperday]

Thank you @funkydan2

If I see anything else in the deploy log I will let you know.