Mixed http and https content in ZK.

[dormitionskete]

Please change all references to "http://" to "https//" throughout ZK, including in your JavaScript files.

All merchants who accept credit cards must (or are supposed to) pass quarterly security scans to maintain PCI (Payment Card Industry) Security Standards.

As you can see in the attached png, we got dinged for having mixed http and https content in our last security scan.

If you would fix this, please, it would be greatly appreciated.

Also - I've downloaded the source ZK code. Is there any way I can fix this myself in the source, rather than waiting for the next ZK CE release?

I've looked, and that "js/zk.wpd" file does not have any reference to http in the source code file, so I am somewhat at a loss how it is getting into our pages through this file. It is in the zk.xsd file, but it does not look anything like what the link that gets included in our .zul page contains.

I have found 188 references to http://www.zkoss.org in 87 files, however.

Is there any documentation anywhere on how to build zk from source, because I haven't been able to find it?

Again, any help with this would be greatly appreciated.