Premium image upload button => http-only URL for images => Firefox insecure page warning

1. Create a new premium.

2. For the image, select Upload, choose the file with Browse.

3. Save. When used on contribution page, the premium image will be loaded from a src that starts with http, even though the contribution page is accessed over https. This causes Firefox to give a warning that the page is only partially encrypted and does not protect from eavesdropping. This is not a good warning to have on your donation page.

I was unable to reproduce on demo, because demo does not have https.

Cleanest solution should probably be to have the img src be the same protocol (http or https) as is used to access the page. This is achievable by just ommitting the protocol from the URL (//crm.fsf.org/foo.png).