IE9 error SEC7111 ("HTTPS security is compromised") when using the Facebook REST API

I'm the author of a Wordpress plugin that allows users to login to their blogs with Facebook; it uses the old REST API to introduce the login button. Typically, including the API is done via the following:

<script type="text/javascript" src="http://sta开发者_如何学JAVAtic.ak.connect.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php"></script>

However, after Facebook introduced secure connections (Account -> Account Settings -> Account Security -> Secure Browsing), the Connect popups broke. One plugin user pointed out that the issue could be fixed by replacing the above with:

<script type="text/javascript" src="https://ssl.facebook.com/js/api_lib/v0.4/FeatureLoader.js.php"></script>

Everything works fine now in every browser except the newly released IE9, which reports the following two errors (and refuses to initialize the Facebook API):

SEC7111: HTTPS security is compromised by https://www.facebook.com/extern/login_status.php?api_key=(MY_KEY)&extern=0&channel=(URL_to_my_xd_receiver)

SEC7111: HTTPS security is compromised by https://api.facebook.com/static/v0.4/client_restserver.php?r=1300118768

Note that the page hosting the Facebook Connect button is not https, and the preceding two script includes were not added by me - viewing the page DOM source via IE9's developer tools reveals that those two scripts are included within a div "FB_HiddenContainer", which is apparently inserted asynchronously by Facebook as it tries to initialize.

Everything I've found on Google regarding SEC7111 refers to https pages trying to include scripts via http, but my problem is the opposite: the page is http, and the scripts (being loaded automatically by Facebook) are https.

Any thoughts would be greatly appreciated, I'm pretty stumped. If you'd like to play with it yourself you can do so on my site, http://www.justin-klein.com. You'll note that the "Login with Facebook" button initializes properly on all browsers but IE9.

You can solve that using the https FB library. More info here.

From a cached version of that site:

SEC7111: HTTPS security is compromised by http://static.ak.fbcdn.net/connect/xd_proxy.php?version=0.

This error can be fixed using the https version:

<script src="https://connect.facebook.net/en_US/all.js"></script>