life359's forum posts

Avatar image for life359
life359

36

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

#1 life359
Member since 2013 • 36 Posts

Or, in general. Autoplaying videos is poor practice and frowned upon by just about every good web designer. You startle your users and remind them that they had their speakers turned up way too loud. Let your end users click play. They're quite capable of doing that on their own.


#2  Edited By life359
Member since 2013 • 36 Posts

there is a significant difference in serving costs via CDN for https vs http. We have been working on re-negotiating our contract, and do hope to go to https in the future, but currently it's cost-prohibitive.

If CDNs are charging more to serve content over https that's just ridiculous. That's gouging, plain and simple. Take your business elsewhere. I'm saddened to hear that slimy companies are doing this in an age where https is negligible overhead and SSL certs are free (Amazon ACM, Let's Encrypt for example).

@Macutchi

I originally wrote out a big long winded post but I've since edited it to delete.

Since you've started to be sarcastic (with your ending comment), I'm not going to continue a discourse with you.


#3  Edited By life359
Member since 2013 • 36 Posts

@Macutchi said:
@life359 said:

Seriously, this is not 1995. Why are we forced to http? Relative to bandwidth, https is practically no performance overhead now. Why are you not only not defaulting to https but actually forcing https back to http? You must be the only site left on the Internet that I know of that does this. I can think of no other site I visit that actually forces back to http.

they have it enabled on their auth.gamespot sub domain for registering and logging in. it's just not been implemented across the gamespot domain, it's not an explicit redirect back to http. if you open up your dev console you can see a ton of hard coded http resources which shows this to be the case.

i don't know why exactly they haven't enabled it site wide but two questions / observations -

1. why is it so important to you? i.e. what sensitive data are you worried about submitting that needs encrypting?

2. you may not realise the difficulty in implementing it across a site as large as gamespot, which requires every single link to external files, either their own files or from third party sites they use (and that will be a ton), updated to be protocol agnostic i.e. remove the protocol. if there's a single third party site that doesn't support https or one rogue link that's hardcoded with http their certificate is invalidated. there's other complications beyond that too

It is an explicit redirect back to http. I try to force https on any link and their site forces me back to https. So they're intentionally capturing https and redirecting back to http. Take this forum post. Try to go here:

https://www.gamespot.com/forums/bug-reporting-feedback-1000006/site-doesnt-allow-https-on-all-pages-33341345/

It's a 301 (redirect permanent) back to http. WHO DOES THAT? So they have https and disable it on purpose? What?

It doesn't matter why it's important to me. Your argument is analogous to "if you have nothing to hide then why do you care about privacy?"

Fixing hard coded http links is a search and replace in your code. http:// -> // (protocol relative links). If you're using a CMS where the links are in your database, well then s**t. I highly doubt GameSpot was written in Drupal.

If you are including content from a CDN that doesn't support https you don't use that CDN. Period.

What other complications are there? Serious question. Please enlighten me. I do this for a living. I've never come across any other issues enabling https other than bad developers including from CDNs using hard coded http:// links.
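
An added example, not part of the original post and not GameSpot's code: a Python audit that finds the hard-coded http:// subresources discussed in the post above and applies the protocol-relative rewrite it mentions. The sample HTML and its host names are constructed, and the names `audit` and `protocol_relative` are hypothetical.

```python
from html.parser import HTMLParser

# Subresource-loading (tag, attribute) pairs. Scripts, stylesheets and frames are
# "active" mixed content, which browsers block on an https page; images and media
# are "passive" (loaded with a warning or upgraded to https by the browser).
ACTIVE = {("script", "src"), ("link", "href"), ("iframe", "src")}
PASSIVE = {("img", "src"), ("video", "src"), ("audio", "src"), ("source", "src")}

class MixedContentAudit(HTMLParser):
    """Collect hard-coded http:// subresources from one HTML document."""
    def __init__(self):
        super().__init__()
        self.findings = []  # (kind, tag, url) in document order

    def handle_starttag(self, tag, attrs):
        rel = (dict(attrs).get("rel") or "").lower()
        if tag == "link" and "stylesheet" not in rel:
            return  # canonical/alternate links are not fetched as subresources
        for name, value in attrs:
            url = (value or "").strip()
            if not url.lower().startswith("http://"):
                continue  # https://, // and relative URLs are fine
            kind = ("active" if (tag, name) in ACTIVE
                    else "passive" if (tag, name) in PASSIVE else None)
            if kind:  # <a href="http://..."> is navigation, so it is ignored
                self.findings.append((kind, tag, url))

def audit(html):
    parser = MixedContentAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

def protocol_relative(url):
    """The http:// -> // rewrite; only safe if the host also serves https."""
    return "//" + url[len("http://"):] if url.lower().startswith("http://") else url

# Constructed sample page; host names are placeholders.
SAMPLE = """
<link rel="stylesheet" href="http://static.example.test/site.css">
<script src="HTTP://cdn.example.test/app.js"></script>
<script src="//cdn.example.test/ok.js"></script>
<img src="http://img.example.test/logo.png">
<a href="http://www.example.test/forums/">Forums</a>
"""

if __name__ == "__main__":
    for kind, tag, url in audit(SAMPLE):
        print(f"{kind:7} <{tag}> {url} -> {protocol_relative(url)}")
```
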


#4 life359
Member since 2013 • 36 Posts

Seriously, this is not 1995. Why are we forced to http? Relative to bandwidth, https is practically no performance overhead now. Why are you not only not defaulting to https but actually forcing https back to http? You must be the only site left on the Internet that I know of that does this. I can think of no other site I visit that actually forces back to http.


#5 life359
Member since 2013 • 36 Posts

Autoplay of videos and they use flash. Not to mention they force http even when you try to navigate to https. Pathetic Gamespot. This isn't 1995. Https isn't a performance hit. Why are you still using http?


#6 life359
Member since 2013 • 36 Posts

Tried repeatedly to sign up with a password of length 16 characters as told by the error message when I originally tried to create one of length 20. I had to reduce the size to 15 characters in order to register. The error message should be updated.