I already mentioned mixed content warnings as one of the more difficult reasons to switch on HTTPs, but what I didn’t realise up until now is how browsers handle media types differently in mixed content scenarios.
Modern, more secure browsers, correctly block these requests.
So clearly, “Mixed Content warnings” is a concept that isn’t widely respected.
For instance, why would images be allowed, but CSS is blocked in a Mixed Content scenario? Why doesn’t every browser handle XMLHttpRequest the same way when it comes to Mixed Content? You can test your current browsers’ support for Mixed Content handling at Qualys SSL Client Labs.
Women Browsers: can’t live with them, can’t live without them.
Update 24/12/2014: it seems they’re working on an W3C Spec to fix this.
— Mike West (@mikewest) December 24, 2014