This is a limitation in the browser and Mozilla have done it on purpose, as have Google with Chrome, Microsoft with Edge, Apple with Safari and probably many more.
Websites without HTTPS is just considered insecure by the browsers today.
There might be some setting in the browser around this, but it is not something HA can change, because if HA can do it, then malware vendors can and will do it too.
You might be able to set up NGinX to tunnel them through HTTPS.
While Mozilla at least provides a button for a quick transition, Chrome requires you to do it manually. Well, it’s understandable, although it’s a pity.
You might be able to set up NGinX to tunnel them through HTTPS.
You mean that if I set up my HA with https, my iframes also will be worked?
I think so, but I am not completely certain.
The browsers complain about http elements embedded in pages, but they might also complain about cross site elements when you get the embedded warning removed.