Website Encryption Shortfalls uses an unencrypted connections, and attempts to force the connection over HTTPS fail.

For a site handling login data (and in many cases some account info with 3rd party authentication providers) in 2022, this really should not be the case. Free certificates can be obtained easily through LetsEncrypt (, and other app inventor pages are encrypted, so it is incredibly confusing why the site is not encrypted.

It is not a simple as that. AppInventor requires http for a variety of reasons at the moment.

MIT have an https solution in the pipeline - coming soon....

Any ideas what these reasons are? The only possible reason I could think of is if browser changes to mixed content handling block unencrypted connections from encrypted sites, and preventing App Inventor from loading resources that can't be sent over https.

Even so, what are those resources? Anything from a domain should be encrypted, and localhost can be accessed when unencrypted, so absent a direct connection to an IP address, I don't see where the issue could be.

This has been covered many times on the community. Do a search for http appinventor

Also see