I have a fairly simple intranet-admin site on HTTPS.
__The stylesheets still load from HTTP (thus causing an "unsafe content" warning)__
When loading a page that contains both an AutoCompleteExtender and a CalendarExtender, the resulting page contains a reference to the HTTP (not HTTPS) CDN for the following stylesheets
```
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Backgrounds.css">
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Calendar.css">
```
Surely, these should either be using (href="https://ajax.aspnetcdn.com") or the automatic-prefix (href="//ajax.aspnetcdn.com")
Comments: It seems that the site had the following > <asp:ScriptManager runat="server" EnableCdn="true"> Changing the __"EnableCdn"__ setting to "false" proved a temporary workaround ... In addition to the __EnableCdn__ setting creating an __HTTP__ reference, there seems to be no obvious method to specifiy WHERE the files are loaded from (for example, if someone wanted to use a local network-resource, rather than _ajax.aspnetcdn.com_
__The stylesheets still load from HTTP (thus causing an "unsafe content" warning)__
When loading a page that contains both an AutoCompleteExtender and a CalendarExtender, the resulting page contains a reference to the HTTP (not HTTPS) CDN for the following stylesheets
```
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Backgrounds.css">
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Calendar.css">
```
Surely, these should either be using (href="https://ajax.aspnetcdn.com") or the automatic-prefix (href="//ajax.aspnetcdn.com")
Comments: It seems that the site had the following > <asp:ScriptManager runat="server" EnableCdn="true"> Changing the __"EnableCdn"__ setting to "false" proved a temporary workaround ... In addition to the __EnableCdn__ setting creating an __HTTP__ reference, there seems to be no obvious method to specifiy WHERE the files are loaded from (for example, if someone wanted to use a local network-resource, rather than _ajax.aspnetcdn.com_