Had a customer today trying to embed an http page within an iframe of an https website. Turns out this should *work* but obviously its stupid and is against the point of a secure connection. Modern browsers are smart and don’t do it, so if you try and it doesn’t work.. that’s your answer.