Yes, there is the small matter of security, but sometimes theres a need to open an https:// website that has iframe content using http://. In good modern browsers , when you try this, you'll get an error in the console similar to:


Blocked loading mixed active content "/"

This is normally a very good thing especially from a security post of view. But there are always edge cases. This blogpost is a workaround for the edge cases.

Workarounds

Firefox

In Firefox, you can install the Quick Java add-on which gives a toolbar allowing you to quickly toggle a variety of setting e.g. JavaScript, Java, Flash, Images etc.

Enable the toolbar using View | Toolbars | Add-on Bar:

This gives a toolbar with buttons labeled: A, JS, J, F, SL, C, I, A, CS

Click on the 1st button labelled "A" the background colour will go from green to red:

Once that's done, you'll be able to open http:// iframes on an https:// page.

Chrome

In Chrome, I favour a much simpler approach. Shutdown Chrome then launch it from the command line with the additional flag of --allow-running-insecure-content:


/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome  --allow-running-insecure-content &

More details here: "This page has insecure content."

Further reading