badges.gitter.im performs insecure HTTPS -> HTTP downgrade redirects
These should not downgrade to HTTP, as it will mark HTTPS source webpages as "insecure" because of mixed content.
$ curl -v https://badges.gitter.im/Join%20Chat.svg |& grep location
< location: http://badges.gitter.im/join_chat.svg
$ curl -v https://badges.gitter.im/nektos/act.svg |& grep location
< location: http://badges.gitter.im/repo.svg
Edited by silverwind