- July 26, 2018 at 9:25 am #115203
At Google Search Console I get the message “Unrecognized Content-Security-Policy directive ‘upgrade-insecure-requests'” for my website. I found https://googlechrome.github.io/samples/csp-upgrade-insecure-requests/, but do not know how to take it further.
Does it has anything to do with the settings in SSL?
I see there:
– Je site is nog niet geconfigureerd voor de HSTS preload lijst. Lees de documentatie goed door voor je je aanmeldt. Schakel de preload lijst optie in
– The mixed content fixer is not active on the admin panel. Enable this feature only when you have mixed content on the admin panel.July 26, 2018 at 10:45 am #115221
on which site are you experiencing this issue? The ‘upgrade insecure requests’ option adds that header. Could you provide me with your site address so I can have a look?
MarkJuly 26, 2018 at 7:21 pm #115403
This header is a valid header, but it’s possible Google does not recognize it. If you want you can disable it in settings/sslJuly 27, 2018 at 9:09 am #115571
Hi Mark, op incosi.com.July 27, 2018 at 9:19 am #115575
The header seems to be set properly, a redirect check returns
If Google still returns an error, you can disable the option in the plugin settings.
MarkJuly 28, 2018 at 9:30 am #115846
Thanks! In Replace mixed content automatically?July 28, 2018 at 9:43 am #115849
Google does not return an error as such, only does not recognise it. Google has forgotten to add this header to the list of headers they know. So the error is with the Google report, not with the header.
In settings/ssl there is a setting “upgrade insecure requests” where you can disable it.December 14, 2018 at 9:19 am #152025
> In settings/ssl
Where do I need to go to change the settings?December 14, 2018 at 10:48 am #152040
if you have this error you can disable the ‘Add header to force insecure requests over https’ option in Settings->SSL.