https iframe嵌套http页面

page - iframe - status

http - http - allowed
http - https - allowed
https- http - not allowed https嵌套http不支持
https- https - allowed
https - https - insecure scripts - not allowed   (不安全的脚本  虽然两个都是https，脚本不安全浏览器会阻止)

https - https - inscure images - allowed but the browser will warn

 

 

 

https/http全支持的情况下可以考虑：

 <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">