Need mixed image test that doesn't auto-upgrade to HTTPS

[djcater]

https://mixed.badssl.com/

In Chrome 86, the http: image is auto-upgraded to https: (https://mixed.badssl.com/image.jpg), which works on the mixed.badssl.com subdomain as it supports https:.

I wanted a test case to see if an http: image gets blocked on an https: page if the image domain doesn't support https:, therefore I can't use this page as a testcase for that.

Could we have an example where the image comes from a domain which doesn't support https:?

[christhompson]

Good idea, especially now that Firefox is experimenting with autoupgrade as well. Maybe "mixed-no-upgrade.badssl.com" and it can include the image via http://http.badssl.com/resources/image.jpg instead (which downgrades HTTPS back to HTTP).