Since the the source code of all the gadgets are available at
http://www.replyat.com.com/, which is a non secure site,
users may see broken view of the gadgets at the secured sites
represented by https.
This is due to the latest browsers
settings. The content from HTTP sites is now being considered as
insecure content. Insecure content served over HTTPS is blocked
under the latest version of all the browsers.
Even though if the HTTPS site is protected by
a SSL certificate, customers may still receive messages that the
page they're viewing contains unsecured content if there are
images or other elements that haven't been encrypted. When
running many different plugins or a theme developed by a
third-party, secured HTTPS will fail to display the required
view and at the same time the browsers will offer an option to
the user to unlock the security which otherwise should be under
the primary control of HTTPS site developer. The worst is
approaching as the latest version of chrome 21+ blocks all
"mixed content" without the option to override it.
At present the HTTPS site owner has no
provision to let any content displayed from his trusted HTTP
sites on his HTTPS pages. The viewers of HTTPS sites are
required to adjust their browsers settings to let the browsers
display HTTP content on the HTTPS pages. Most of the users of
these browsers are not aware of these latest security hurdles
which block the display of HTTP content over the HTTPS pages.
In fact, the HTTPS site developers should have the authority to
allow their trusted HTTP content over their HTTPS pages.
The three main browsers namely IE, Firefox
and Crome are competing to be smarter than the other. To be
smarter from others they are adding some services which are
undemocratic. If a site developer wishes his users to view all
the mix contents, they are not required to behave like security
guards. I hope some META tags for pages should be available
where a developer can list the HTTP links that should not be
blocked by any browser.