In our application (https://apps.facebook.com/testedenivel) we explicitly link to the css page in the https link as follows:
<link rel="stylesheet" href="https://d2asm4nez8zghw.cloudfront.net/content/app-teste-de-nivel.css?v=0.96.02" type="text/css" media="screen">
But, oddly enough, Facebook preloads this css file as an HTTP link. At some point earlier we used this HTTP url, but later we changed it to HTTPS, and now it seems that Facebook is using a former, cached version of this URL:
<script type="text/javascript"> new Image().src = "http:\/\/www.talkfast.com.br\/content\/app-teste-de-nivel.css"; </script>
The problem is that when a user enters our application through secure browsing, preloading the HTTP links causes the browser to warn our users that some insecure content will be downloaded. We would like to learn how to tell Facebook to remove this pre-load script, or at least use our current HTTPS URL, for example:
<script type="text/javascript"> new Image().src = "https://d2asm4nez8zghw.cloudfront.net/content/app-teste-de-nivel.css?v=0.96.02"; </script>
There seems to be a lack of links on the Internet to this problem, so any help would be appreciated.
source share