Currently, if the page containing the JS and links is served over https but the individual links are coded with http URLs, only a blank popup displays on modern browsers (because of mixed content security practices). A better solution would seem to be: if the containing page has been served via HTTPS, rewrite any links to try with HTTPS; if 404 then don't display a pop-up at all.
Currently, if the page containing the JS and links is served over https but the individual links are coded with http URLs, only a blank popup displays on modern browsers (because of mixed content security practices). A better solution would seem to be: if the containing page has been served via HTTPS, rewrite any links to try with HTTPS; if 404 then don't display a pop-up at all.