Carbon Fields http Mixed Content
Mixed Content: The page at 'https://domen.com/wp-admin/post.php?post=2&action=edit' was loaded over HTTPS,
but requested an insecure XMLHttpRequest endpoint 'http://domen.com/wp-json/carbon-fields/v1/attachment/?type=id&value=10149'. This request has been blocked; the content must be served over HTTPS.
Use HTTPS everywhere:
Force REST to https:
add_filter( 'rest_url', function( $url ) { return str_replace( 'http://', 'https://', $url ); } );Clear caches - mixed-content error gone.