Yes, there is the small matter of security, but sometimes theres a need to open an https:// website that has iframe content using http://. In good modern browsers , when you try this, you'll get an error in the console similar to:
Blocked loading mixed active content "/"
This is normally a very good thing especially from a security post of view. But there are always edge cases. This blogpost is a workaround for the edge cases.
Workarounds
Firefox
In Firefox, you can install the Quick Java add-on which gives a toolbar allowing you to quickly toggle a variety of setting e.g. JavaScript, Java, Flash, Images etc.
Enable the toolbar using View | Toolbars | Add-on Bar:
This gives a toolbar with buttons labeled: A, JS, J, F, SL, C, I, A, CS
Click on the 1st button labelled "A" the background colour will go from green to red:
Once that's done, you'll be able to open http://
iframes on an https://
page.
Chrome
In Chrome, I favour a much simpler approach. Shutdown Chrome then launch it from the command line with the additional flag of --allow-running-insecure-content
:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --allow-running-insecure-content &
More details here: "This page has insecure content."