TLS/HTTPS only for all pods
As nicely said here, any pod that isn't using TLS should be considered broken.
So it would make sense to remove all references of HTTP and focus on HTTPS only.
To upload designs, you'll need to enable LFS. More information