I have a website with SSL (https instead of http). I am attempting to embed a widget that references files (js, css) from another domain. This other domain does not have SSL (http instead of https). As a result, I get an net::ERR_INSECURE_RESPONSE and the widget will not load.
How can I tell my site to allow the insecure content used by the widget?
You cannot tell a website to allow insecure content in the page as it is not the site that is blocking access to the scripts - it's the Browser.
When using SSL the browser puts a minimum level of security on the connection and ensures that no unencrypted connections are being made from the page. This stops any unencrypted connections being used to transmit data in the requests.
The simplest option I can think of to work around this is to host the scripts yourself on the domain that is secured by SSL. It may or may not be possible to edit the widget easily so it uses the locally hosted script instead of the ones from the non-https site.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 我欲成王,谁敢阻挡 的文章《SSL site won't load non-SSL scripts from other》','https://www.manongdao.com/article-517529.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}