Do you think that having website under https:// is a sufficent protection for the data transmission ? Yes and no because even the smallest mistake can compromise all security measures. One of these "smallests mistakes" is a browser warning, known as mixed content.
Every programmer heard about HTTPS as a security layer for HTTP protocol. But HTTPS is not the only security purpose for the most popular web protocol. Another one, known as HSTS, exists too.