I have a fairly simple intranet-admin site on HTTPS.
__The stylesheets still load from HTTP (thus causing an "unsafe content" warning)__
When loading a page that contains both an AutoCompleteExtender and a CalendarExtender, the resulting page contains a reference to the HTTP (not HTTPS) CDN for the following stylesheets
```
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Backgrounds.css">
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Calendar.css">
```
Surely, these should either be using (href="https://ajax.aspnetcdn.com") or the automatic-prefix (href="//ajax.aspnetcdn.com")
Comments: ASP.NET has the ScriptManager control, but nothing like for style sheets. To make JS and CSS managing consistent we chose to maintain both HTTP and HTTPS URLs, like the ScriptManager control does.
__The stylesheets still load from HTTP (thus causing an "unsafe content" warning)__
When loading a page that contains both an AutoCompleteExtender and a CalendarExtender, the resulting page contains a reference to the HTTP (not HTTPS) CDN for the following stylesheets
```
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Backgrounds.css">
<link rel="stylesheet" type="text/css" href="http://ajax.aspnetcdn.com/ajax/act/15.1.1/Content/AjaxControlToolkit/Styles/Calendar.css">
```
Surely, these should either be using (href="https://ajax.aspnetcdn.com") or the automatic-prefix (href="//ajax.aspnetcdn.com")
Comments: ASP.NET has the ScriptManager control, but nothing like for style sheets. To make JS and CSS managing consistent we chose to maintain both HTTP and HTTPS URLs, like the ScriptManager control does.