Force Https the easy way

<!-- Force https -->
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">