google chrome - How can you tell exactly what insecure items are causing a browser to warn about mixed secure and insecure items?

Question

In Firefox, I view my site and get no warnings about insecure mixed content.

Using FireBug, I can see that every request is https.

In Chrome, I get the https crossed out in the address bar.

I viewed source in Chrome and then ran this regex /http(?!s)/ but the only things it found were the href attributes for some external links and the doc type and http-equiv meta tags.

Using Chrome's Resource Tracking revealed all requests were https too.

This includes Google Analytics, jQuery from Google's CDN and Facebook like scripts.

Is there any specific tool I can use to show non https requests, or anything further I can try?

Answer 1

I found that I get the "mixed content"-warning in Chrome even when there is no mixed content, if sometime during the session mixed content was already encountered on the domain.

(Also mentioned here: Why is Chrome reporting a secure / non secure warning when no other browsers aren't?)