Chrome 14 to address security concerns
Google is taking HTTPS issues quite seriously and has taken steps to address mixed secure site scripting conditions in Chrome 14 dev. Just after announcing that Gmail will always load in HTTPS, the company has ensured that mixed secure site scripting conditions are blocked by default in Chrome 14 dev. The first is a command line flag that actually landed in Chrome 13 dev called --no-running-insecure-content for advanced users who want to help clean up sites with mixed secure scripts. Another flag is available that will block the display of insecure content, --no-displaying-insecure-content, but Google stated in the above-linked blog post that it will not block displaying insecure content by default since it's not as dangerous a use-case.
The link for this article located at CNET is no longer available.