Mixed-content issues

- Gitea version (or commit ref): 1.0.1
- Git version: 2.7.4
- Operating system: Ubuntu 16.04 LTS
- Database (use `[x]`):
  - [ ] PostgreSQL
  - [ ] MySQL
  - [x] SQLite
- Can you reproduce the bug at https://try.gitea.io:
  - [x] Yes (provide example URL): https://try.gitea.io/gitea/gitea
  - [ ] No
  - [ ] Not relevant
- Log gist:

## Description

Gitea can still serve mixed-content pages, even with SSL. This is most pronounced with images being loaded over an insecure connection.

This can be solved by integrating a solution similar to [camo](https://github.com/atmos/camo) (GitHub uses this) into Gitea.

In addition to security, it also provides a privacy benefit for users if the install is public.


<bountysource-plugin>

---
Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/41956301-mixed-content-issues?utm_campaign=plugin&utm_content=tracker%2F47456670&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F47456670&utm_medium=issues&utm_source=github).
</bountysource-plugin>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Mixed-content issues #916

Description

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Mixed-content issues #916

Description

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions