Make sure application runs with both HTTP and HTTPS

[nichtich]

This seems to be a deployment problem:

• [x] http://coli-conc.gbv.de/cocoda/
• [x] https://coli-conc.gbv.de/cocoda/

The backend API needs to be queried the same protocol so better use URLs such as //api.dante.gbv.de/.

HTTPS detection is also required for #15: without encryption login should be disabled.

[stefandesu]

This should work now after the next deployment.