By default, this is false. Mapbox.js auto-detects whether the page your map is embedded in is using HTTPS or SSL, and matches: if you use HTTPS on your site, it uses HTTPS resources.

Setting FORCE_HTTPS to true makes Mapbox.js always require HTTPS resources, regardless of the host page's scheme.


L.mapbox.config.FORCE_HTTPS = true;