We are frequently coming across websites not loading correctly due to mixed content issue. After further investigation it turned out be caused due to http SAML Authentication instead of https. I had a ticket raised with Broadcom support to check if SAML supports https and they advised it doesn't at this stage and to post it in the Broadcom community. Below is an example:
Below was the Broadcom Support update:
I have talked with our senior engineer.
And according to our senior engineer, we are afraid that Authconnector sending requests in HTTP (not HTTPS) is our current design, and we don't have a plan to change/improve this so far.
Because this support window can't receive/accept an enhancement/feature request, it may be good to post your opinion/request into our community site link below.
(But we are not sure if your request would be accepted or not, in the community site.)
We would appreciate your understanding.