Step 1. Appearance > Theme Editor
Step 2. Find header.php at right side {Theme Files}
In my case, I can’t find header.php. So, I click Writers Blogily.
I found Theme Header (header.php) and click it.
Add a meta in html head
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
click update file button on bottom
Complete! this problem was fixed