Heartbeat requests blocked by browser

In an application that connects via HTTPS, Chrome is blocking the HTTP heartbeat requests with this message.

Mixed Content: The page at ‘https://url.goes.here/#!news’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://url.goes.here/HEARTBEAT/?v-uiId=1’. This request has been blocked; the content must be served over HTTPS.

Is there a way to set the protocol for the heartbeat calls?

This turned out to be an issue with a Spring Security setting forcing the protocol for the /heartbeat request to be http.
Vaadin was working correctly.