All pages on my site are protected by SSL. When a user posts a link to their timeline, images default to http:// rather than https:// even though the resource is available on https://. This renders my activity stream pages unsecure. Any thoughts on how to handle this? What about links that are not ssl? Is there any way to make the page secure while still allowing those links?
For example, this image was posted to a user's timeline in conjunction with a link to an article. It was posted as http:// even though the https:// is valid.