Pattern

Cross-Scheme Redirect Breaks

https-http-redirect-mismatch

HTTPS page origins break when redirects and API calls are generated with HTTP schemes or ignored proxy scheme headers, causing the browser to block requests or loop between proxy routes so controllers never run.