Insecure favicon?

Trying to change my dashboard icon for use in a PWA, but hitting a 'Mixed Content' issue because the icon is not served over https, but is served on a local IP address (same raspberry where node-RED is running).

I can see the image if I navigate my browser to http://192.168.0.8:1880/images/tail.png

If I check the browser console I see the following;

Mixed Content: The page at 'https://myserver/dashboard/page1' was loaded over HTTPS, but requested an insecure favicon 'http://192.168.0.8:1880/images/tail.png'. This request has been blocked; the content must be served over HTTPS.

I'm guessing this is a browser restriction, and not node-RED's fault.
If there isn't a workaround, I have a plan B

Hi @Paul-Reed

Actually - I wonder if this is D2 not honouring the host name and/or protocol.

You can try adding the favi meta directly in a template node (set in the head)

<link rel="icon" type="image/x-icon" href="https://…">

You might need to change type to image/png

Note: I know very little on D1 or D2 - so this really is a guess

Thanks for the suggestion @marcus-j-davies, but after checking Bart's excellent Tailscale guide, it was very easy to tell Tailserve to serve the icon file via https, which worked great.

Now, on my phone, my dashboard PWA icon is my own, so I don't get it confused with the Node-RED forum icon etc.