Mixed content served despite connector claiming otherwise

Hi everyone,

we had been trying to migrate our connect app to a different base url, which however was incorrect so we decided to move back.

After migrating back and manually creating a new version, the connect descriptor gets picked up correctly with the new (old) baseUrl. However, despite the connector only containing HTTPS urls, we are suddenly receiving mixed content problems (i.e. the browser blocks the request, rendering the app unfunctional).

Connector can be found here:


As you can see, we only ever request data from https://cdn.yfiles.net and the app never makes any requests to other URLs internally. Still, we get derailed because of:

Mixed Content: The page at ‘https://jasmine-moeller-yworks.atlassian.net/wiki/spaces/TEST/pages/29917225/asdfgh’ was loaded over HTTPS, but requested an insecure resource ‘http://cdn.yfiles.net/graphity-cloud-private/macro/?macroId=3341c665-9eb7-4983-9e3b-78b6ff99cee7&version=98&pageId=29917225&xdm_e=https%3A%2F%2Fjasmine-moeller-yworks.atlassian.net&xdm_c=channel-com.yworks.plugins.confluence.graphity-cloud-private__graphity-macro5584832505615758823&cp=%2Fwiki&xdm_deprecated_addon_key_do_not_use=com.yworks.plugins.confluence.graphity-cloud-private&lic=active&cv=1000.0.0-d4a0702e18c6&’. This request has been blocked; the content must be served over HTTPS.

We haven’t changed anything in the server configuration, there are no rewrites from https to http and anyway this never reaches the server in the first place since it already is blocked by the browser.

I’m at a loss to figure out why there would be a request to an URL that differs from the one in the connect descriptor.


Okay, this might after all be an issue with how cloudflare is configured wrt http vs. https (we host the app on a cloud. You can close the issue