Pattern
Cross-Scheme Redirect Breaks
https-http-redirect-mismatch
HTTPS page origins break when redirects and API calls are generated with HTTP schemes or ignored proxy scheme headers, causing the browser to block requests or loop between proxy routes so controllers never run.