On an SSL-enabled site, why does some non-SSL content only trigger an alert, whereas other content is blocked?
And is this behaviour consistent across all browsers, or does it vary?
The specific instance I'm thinking of is audio streaming - a non-SSL stream seems to simply trigger a warning but still play, whereas 'now playing' scripts (on the same server) are blocked.
UPDATE... I've since learned that this is 'active and passive content', with scripts being considered 'active' and a greater risk - and so are blocked.