All scripts should be loaded as https.
All scripts are loaded with source code using Editor SOURCE mode in this format:
<script src="https://www.classcreator.com/000/7/7/0/13077/userfiles/file/varies/jvscriptname.js"></script>
All resources on a page should be https. Not all browsers work the same way here.
All images should be https IF you use a fully qualified URL that includes the domain name. Normally images generated by classcreator images do not and the browser automatically prefixes with the current domain type. When the script switch classcreator links to https, these images will automatically be correct.