How to fix “insecure content was loaded over HTTPS, but requested an insecure resource”

“Mixed Content” warnings occur when an HTTPS page is asked to load a resource over HTTP.

This is dangerous because the insecure resources are vulnerable to alteration by an active attacker or eavesdropping by a passive attacker, which violates the user’s expectation of security for an HTTPS page.

https://developers.google.com/web/fundamentals/security/prevent-mixed-content/fixing-mixed-content?hl=en