Insecure content loaded from 'assets.ubuntu.com'

Mh, could this be an issue with the files on assets?

daniel@daydream:/tmp/developer-ubuntu-com$ grep -ri http . | grep -v https | grep assets
daniel@daydream:/tmp/developer-ubuntu-com$

<davidcalle> dholbach, open the js console and reload the page. It looks like it comes from http://yui.yahooapis.com/, loading a bunch of js modules, so that's part of the web guidelines framework we are using. The web team should be able to fix this.

<dholbach> Mixed Content: The page at 'https://developer.ubuntu.com/en/snappy/' was loaded over HTTPS, but requested an insecure script 'http://yui.yahooapis.com/combo?gallery-2014.02.20-23-55/build/gallery-carou…o-queue-min.js&3.15.0/dump/dump-min.js&3.15.0/json-parse/json-parse-min.js'. This request has been blocked; the content must be served over HTTPS.
<ant> so YUI does not support https loading from there api site
 the developer team will need to pull the code local to the site and load it via https
 otherwise use the one loaded from assets
 you can find that one from the source of www.ubuntu.com
 dholbach, https://assets.ubuntu.com/sites/ubuntu/latest/u/js/plugins/yui-combined.min.js
<dholbach> ok, thanks

It appears the issue comes from https://developer.ubuntu.com/assets/sites/ubuntu/latest/u/js/scratch.js - not sure where that's from.