XF 2.1 Mixed Content Warnings on embedded Giphy images

[rfc0001]

My site is SSL and I'm proxying images.

I'm seeing mixed content warnings when embedding giphy image, e.g.

To view this content we will need your consent to set third party cookies.
For more detailed information, see our cookies page.

Accept third party cookies

Note: seeing same error here.

The GIF itself isn't shown since I have HSTS enforced so non-HTTPS content is ignored. If I hover over the GIF I see the GIPHY log and related GIFS - just not the gif I embedded.

Is this expected? I never have had this issue in the past. I'm using XF 2.1.3.

 

[rfc0001]

Can you move this to bugs since I'm seeing the same error here?

Looks like XF is requesting image from giphy.com over https, but Giphy is reidrecting to Amazon CDN links over HTTP:

 

[rfc0001]

Not looks like an issue on Note XF is requesting the url https://giphy.com/embed/RrVzUOXldFe8M which is redirecting to http://giphygifs.s3.amazonaws.com/media/RrVzUOXldFe8M/giphy.gif (no https), even though https://giphygifs.s3.amazonaws.com/media/RrVzUOXldFe8M/giphy.gif (with https) works just fine. Looks like giphy isn't respecting the https reqeuest when redirecting or XF needs to resolve the URL then switch the https.

Even super weirder, hitting https://giphy.com/embed/RrVzUOXldFe8M directly causes the same mixed content warning. Seems like giphy broke their own embed.

 

[rfc0001]

https://giphy.com/ seems to be all jacked up right now - just renders a blank page.

ETA: main page is now rendering but above issue still repros here and directly hitting the embed page for that GIF:

Excited Lets Go GIF - Find & Share on GIPHY

Discover & share this Animated GIF with everyone you know. GIPHY is how you search, share, discover, and create GIFs.

giphy.com

Any way to escalate this to Giphy? They seem oblivious.