Beginning in January 2017, Chrome (version 56 and later) will mark pages that collect passwords or credit card details as “Not Secure” unless the pages are served over HTTPS. Soon it will be every page.
What that means is if you allow users to add images with Quicktags or automatic image URL to image HTML conversion and they are not from sites that use HTTPS your visitors will get a warring message.
You should add a filter that only "embeds"images from sites that use HTTPS.
https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html
I should add... Even if your site is secure, having an image or other content that is uploaded to the users browser via your site from an unsecured site will trigger a "mixed content warring".
Unless there is a HTTPS filter Quicktags should never be used.
OK one more note.. These are not little warring messages. These are more like those warring messages that say the site may contain a virus. Not may users know what HTTPS or SSL is so they will just assume the worse and exit your site quickly. So this is kind of a big deal.
Thank you Dennis, this is already in our to-do list. We'll update it soon.