Follow up from #4001
Regarding the Overlay report:
In case the Overlay report website does not load over HTTPS, could we default to HTTP for overlay report?
Overlay opens in a new window, so we could:
We're running into this same issue right now. We use force_ssl in our Piwik configuration but most of our 200 web sites do not support SSL. This is a very cool feature that would be nice to have working but I understand the technical hurdles. I would be fine with switching to regular HTTP when applicable for the Overlay report.
I'm not sure if this would work, but could you possibly pass the users auth token to the HTTP instance to allow the report to run and to avoid issues with the secure cookie? That's just off the top of my head, I haven't done any research on potential issues.