Important Notice - Forums is archived
To simplify things and help our users to be more productive, we have archived the current forum and focus our efforts on helping developers on Stack Overflow. You can post new questions on Stack Overflow or join our Discord channel.

Vaadin lets you build secure, UX-first PWAs entirely in Java.
Free ebook & tutorial.
Heartbeat requests blocked by browser
In an application that connects via HTTPS, Chrome is blocking the HTTP heartbeat requests with this message.
Mixed Content: The page at 'https://url.goes.here/#!news' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://url.goes.here/HEARTBEAT/?v-uiId=1'. This request has been blocked; the content must be served over HTTPS.
Is there a way to set the protocol for the heartbeat calls?
This turned out to be an issue with a Spring Security setting forcing the protocol for the /heartbeat request to be http.
Vaadin was working correctly.