You can’t. CSP is there to restrict content on your website, not to loosen browser restrictions. Secure https sites given users certain guarantees and it’s not really fair to then allow http content to be loaded over it (hence the mixed content warnings) and really not fair if you could hide these warnings without your … Read more
Steps as of Chrome v91 (6/17/2021): Click the Not secure warning next to the URL Click Site settings on the popup box Near the bottom of the list is Insecure content, change this to Allow Close settings, go back to the site, and Refresh the page Older Chrome Versions: timmmy_42 answers this on: https://productforums.google.com/forum/#!topic/chrome/OrwppKWbKnc In … Read more
I found this blog post which cleared up a few things. To quote the most relevant bit: Mixed Active Content is now blocked by default in Firefox 23! What is Mixed Content? When a user visits a page served over HTTP, their connection is open for eavesdropping and man-in-the-middle (MITM) attacks. When a user visits … Read more