What Is Mixed Content?
Mixed content occurs when an HTTPS page loads sub-resources (images, scripts, stylesheets) over insecure HTTP. Browsers block or warn about mixed content because it undermines the security of the HTTPS connection.
Why It Matters
Mixed content is a common HTTPS migration issue. When a site moves from HTTP to HTTPS, all embedded resources (images, scripts, CSS, fonts) must also use HTTPS URLs. If they don’t, browsers either:
- Block the resource (active mixed content like scripts)
- Show a warning (passive mixed content like images)
Types of Mixed Content
| Type | Resources | Browser Behavior |
|---|---|---|
| Active | Scripts, iframes, CSS, AJAX | Blocked by default |
| Passive | Images, video, audio | Warning, may still load |
Mixed Content and Domain Forwarding
For standard domain forwarding (301/302 redirects), mixed content isn’t a concern. The redirect simply tells the browser to go to a new URL — there’s no page with resources to mix.
However, URL masking (iframe-based forwarding) can trigger mixed content issues:
https://your-domain.com (HTTPS - masked)
└── iframe: http://destination.com (HTTP) ← BLOCKEDThis is one of many reasons why 301 redirects are preferred over URL masking. See our URL masking feature page for more details.
Related Terms
Related Features
Frequently
asked questions
Not for simple redirects. Mixed content only occurs when a page loads sub-resources. A domain redirect sends the browser to a new URL entirely — there's no page with mixed resources.
If you're using URL masking (where the forwarded content appears in an iframe), mixed content can be an issue if the masked site loads HTTP resources. Standard 301/302 redirects don't have this problem.
Still Confused? Try It Free.
Set up your first domain forward in under 5 minutes. Free plan includes 5 domains.