We have a very similar issue. We use HTTPS, but browsers are blocking mixed content by default. The mixed content comes from our content provider over HTTP as different `embed`s and `iframe`s. So, a simple search-and-replace won't fix it. The content provider is NOT accepting the responsibility of providing their services over HTTPS, and have told us to essentially suck it up. Short of reinstalling Moodle 3 in HTTP-only mode, is there any ways to get the embeds to filter through some sort of HTTPS before they hit the user's computer, so they show up?
Security and privacy
How to fix a mix of secure and insecure content?
This discussion has been locked so you can no longer reply to it.