I'm having significant difficulty locating the root cause for a secure/insecure message comming from IE. I've looked through the entire output and there are NO references to http:
I've searched for unsource Iframes, which cause this message, and there are none and other than jquery 1.4 there isn't even the text "iframe" in the source.
I'm almost at an end trying the cause for this. Does anyone have any ideas
Have you looked for img tags that reference non-HTTPS items?
You could run a fiddler trace and see what requests are being made.
Once again Evil has been "destroyed".
Problem was caused by src attribute on a dynamic script tag created by coverflow (http://www.jacksasylum.eu/ContentFlow/). setting the removing src attribute bombed script (most likely why it was put there). setting the attribute to blank bombed script (most likely why it was put there). setting the attribute to an existing file... hurray.
Long story short. Both IFrame and Script src attributes are assumed to be insecure and are not bypassed by using a "javascript:" call