Are you saying it is (1) an insecure frame or iframe in the top level document, or (2) an insecure frame or iframe within a secure frame or iframe within the top level document?

Someone might need to see a demo of this to really understand what is happening. Then a reduced test case could be created and a specific bug could be filed.

Not sure. It is a frame like thing in Desire2learn CMS. The content is http: and never appears. No problems with other browsers. See image I uploaded.

What does the Web Console (Firefox/Tools > Web Developer;Ctrl+Shift+K) show?

Are there red line with blocked content?

Is it possible to open this frame in a new tab via the right-click context menu to see if that makes the shield appear?

There is a yellow line. Right clicking on the link makes no difference.

[15:20:40.022] The character encoding of a framed document was not declared. The document may appear different if viewed without the document framing it. [15:20:40.526] The character encoding of a framed document was not declared. The document may appear different if viewed without the document framing it.

Actually, using the contextual menu and selecting open in new tab did make the shield appear and I was able to see content. What a hassle though.

Actually, suddenly the shield is appearing. But in other examples where an intermediary page is used the first time you click on a link and the shield nothing happens. The second time it works. Weird

I agree that opening a framed page using the context menu is a little hard to explain to users, although it's a handy skill for some annoying websites.

When you returned to the page, perhaps on the second visit it was retrieved from cache? Do you notice that behavior with other links, i.e., no shield on the first click, but the shield appears on a second click or reload? Maybe there is a timing problem in the code, or with redirects.

We had a very similar problem with IE. They worded their safety warning weird and students got confused. Now the warning says "show all content?" which is way easier than clicking on a small shield icon, selecting from a popup menu to disable for the page, and clicking on the link again. We are a few days from students coming back. I take the support calls and I have to be able to make this work.

Doesn't Desire2Learn have a support forum where system admins can share issues with the software? Or somewhere to report perceived Bugs?

If you have experienced similar issues with both IE and Firefox, that sounds like an oversight in development or a Bug in the package which cold affect 75% of your user base. Plus it may border on being a security issue.

I gather there's no quick way to serve the framed content over https? Checkbox in the product or maybe a redirect on the server?