This is a Telerik Sitefinity specific issue. I have a sitefinity based website built by somebody and I need to fix the CSS & image loading issue in it. On the home page, the CSS and images are not getting loaded. When I checked the console in Chrome browser, I found it that the style.css was being requested over HTTPS.
The CSS file is in the same application and application hosted on HTTP, the HTTPS request is not able to resolve the HTTPS path to style.css and the page loads without CSS.
The View Page Source shows relative URL and that it points to the HTTP and not HTTPS as it should be. As per my hours of searching for solution, my conclusion is that somewhere in the sitefinity backend settings it is configured to serve the content over HTTPS. However I am unable to find that settings in the list of over 2000 settings. I want to force the complete site and contents to be served over HTTP and not HTTPS.
The Telerik documentation was of little help.
Check if the response contains the following header:
Content-Security-Policy: upgrade-insecure-requests
It would instructs the browser to use HTTPS for any requests.