One of the security features of IE is often ignored. This feature is active when browsing a secure site (HTTPS), and it warns the user if the page tries to load files from other locations that are not secure. For example, a page could have an embedded link to an image file that is another server. While an image file is hardly a menace, there other scenarios where a non secure file in a secure site could cause trouble, and so this warning is shown. Unfortunately, most users will just click on “Yes”, because that is all they can do from the browser side, but what if it happens to you, on your own server?
What we can do? Well, on the client side, other than clicking “OK” each time, a user can set his security level to custom, and instruct the browser to ignore this situation, but that is not the best idea as it might expose the user to security threats (not to mention the fact that this needs to be done on all client machines for the entire organization). The correct solution is to modify the DOJO application to be aware of this scenario. IBM has this documented and can help its customers with this.