Update text for allowing http content, allow mixed content by default

CHANGELOG.md

@@ -14,7 +14,7 @@ This release contains a security update and it is highly recommended that users
 
 ### Improvements
 - Improve the style for tab badges.
-- Add **Allow insecure contents** option to render images with `http://`.
+- Add **Allow mixed content** option to render images with `http://`.
 - Add the login dialog for http authentication.
 
 #### OS X

src/browser/settings.jsx

@@ -88,7 +88,7 @@ var SettingsPage = React.createClass({
       options.push(<Input key="inputShowTrayIcon" ref="showTrayIcon" type="checkbox" label="Show Icon on Menu Bar (Need to restart the application)" checked={ this.state.showTrayIcon } onChange={ this.handleChangeShowTrayIcon }
                    />);
     }
-    options.push(<Input key="inputDisableWebSecurity" ref="disablewebsecurity" type="checkbox" label="Allow insecure contents (This allows not only insecure images, but also insecure scripts)"
+    options.push(<Input key="inputDisableWebSecurity" ref="disablewebsecurity" type="checkbox" label="Allow mixed content. Enabling allows both secure and insecure content, images and scripts to render and execute. Disabling allows only secure content.)"
                    checked={ this.state.disablewebsecurity } onChange={ this.handleChangeDisableWebSecurity } />);
     var options_row = (options.length > 0) ? (
       <Row>

src/common/settings.js

@@ -24,7 +24,7 @@ var loadDefault = function(version) {
         teams: [],
         hideMenuBar: false,
         showTrayIcon: false,
-        disablewebsecurity: false,
+        disablewebsecurity: true,
         version: 1
       };
   }