Comment 2 for bug 1085007

Actually, I see even worse situation:

[blocked] The page at https://snapshots.linaro.org/quantal/restricted/integrated-big.little-fastmodels/1 ran insecure content from http://resources/css/ext-all.css.
[blocked] The page at https://snapshots.linaro.org/quantal/restricted/integrated-big.little-fastmodels/1 ran insecure content from http://www.linaro.org/remote/css/init.css.
[blocked] The page at https://snapshots.linaro.org/quantal/restricted/integrated-big.little-fastmodels/1 ran insecure content from http://www.linaro.org/remote/css/remote.css.
[blocked] The page at https://snapshots.linaro.org/quantal/restricted/integrated-big.little-fastmodels/1 ran insecure content from http://www.linaro.org/remote/js/linarofamily.js.
[blocked] The page at https://snapshots.linaro.org/quantal/restricted/integrated-big.little-fastmodels/1 ran insecure content from http://js/jquery-1.7.2.js.
[blocked] The page at https://snapshots.linaro.org/quantal/restricted/integrated-big.little-fastmodels/1 ran insecure content from http://js/jquery-ui-1.8.23.custom.min.js.
[blocked] The page at https://snapshots.linaro.org/quantal/restricted/integrated-big.little-fastmodels/1 ran insecure content from http://css/jquery-ui/jquery-ui-1.8.23.custom.css.
[blocked] The page at https://snapshots.linaro.org/quantal/restricted/integrated-big.little-fastmodels/1 ran insecure content from http://css/linaro.css.

Note things like "http:///css/linaro.css" (I didn't even think it's valid URL). In linaro-license-protection/templates/header.html we have:

href="{% if request.is_secure %}https{% else %}http{% endif %}://{{ request.get_host }}/css/linaro.css"

apparently, that's too complicated and not going to work - SSL is served by frontend web server, if our app is proxied, it won't get any chance to know if it's behind SSL.

href="/css/linaro.css"

should be well enough, and that's first change I'd propose to do.