The search engine giant recommended you to enable it via an HTTP response header,
"
Content-Security-Policy: upgrade-insecure-requests,
"
if all the content is controlled by you.
However, if the unsecure resources are served from a web server you don’t control, you can include the
<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">
tag in your page's <head>.
