Apps running on Heroku can be requested via HTTPS even though the app and Web server don't know anything about it. Apps behind CloudFlare have a similar option.
In this environment, DebugKit may be blocked as "mixed content" because the request for it happens via HTTP. My browser (Firefox 43) says this: Blocked loading mixed active content > "http://myappname.herokuapp.com/debug_kit/toolbar/27dac57d-6616-4450-8926-ee75512bde70" > > toolbar.js:53:2 > What would be the preferred method of forcing DebugKit to use HTTPS in its base URL? When I look at the page source, I find this element: <script id="__debug_kit" data-id="927dac57d-6616-4450-8926-ee75512bde70" data-url="http://myappname.herokuapp.com/" src="/debug_kit/js/toolbar.js" ></script> It seems I either need to force the protocol in the "data-url" attribute, or else configure it to ignore the base URL and to try loading the path from "src" relative to the browser's notion of the base URL. -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at https://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/d/optout.