[b]Title: [/b] history.replaceState violates origin policy under HTTPS [b]Description: [/b] When loading content dynamically while using HTTPS, history.replaceState is called and passed a URL with a http protocol rather than what matches the currently used protocol. A SecurityError exception is subsequently thrown which stops the page from loading any further. [b]Repro Steps:[/b] 1.) Begin browsing site using HTTPS 2.) Choose a forum category and try loading a topic [b]Result:[/b] Exception thrown and uncaught, UI stuck on AJAX spinner [b]Expected Result:[/b] URL passed to history.replaceState should use a protocol which matches the current one, the new URL should be displayed, and the topic should also be displayed. [b]Notes:[/b] [url=https://i.imgur.com/YOCxyn0.png]Screenshot of debugger with variables before history.replaceState is called[/url], and below is the exception in the console.[quote]Uncaught SecurityError: Failed to execute 'replaceState' on 'History': A history state object with URL 'http://www.bungie.net/en/Forum/Post/68668568/0/0' cannot be created in a document with origin 'https://www.bungie.net'. bnet.basev2.min.js?cv=3983621339&av=845768246:formatted:859[/quote] [b]OS:[/b] Windows 7 [b]Browser:[/b] bug is browser independent and present in Chrome 37, Firefox 32, and IE 11 [b]Are you running add-ons/plug-ins?: [/b] No.