$.getJSON doesn't properly take into account protocol when determining whether or not to make a remote request
|Reported by:||sjogreen||Owned by:|
$.getJSON determines whether or not to insert a script tag for a JSONP type request or just to make a plain XmlHttpRequest based on whether or not the hostname matches the current host. Unfortunately, this doesn't take into account protocol (which matters in the same orgin policy) so that getJSON fails to make an https request to the SAME domain as an http page but works fine for https requests to a different domain.
If it would just insert the script tag instead, this would work fine.