Findings
- Replaces img src attributes with http:// URLs. This is unlikely to present a big problem as an attacker intercepting unencrypted traffic can only really replace the image with an image of their own, however it will cause warnings to be shown to users (i.e. in Chrome the green padlock is replaced by a padlock with a warning sign over it)
- No other issues found