It is common that users add to CentralNotice a banner with css that loads resource from http, which shows a warning for https users.
CentralNotice shouldn't allow non protocol relative URLs in css/images or at least show a noticeable warning.
Version: unspecified
Severity: minor