Why do Web browsers display a warning when following a link from an insecure to a secure page?

… i.e. from a http:// URL to a https:// URL? (usually the alert box has an option to not display the warning in the future)

I can understand the warning when changing from a secure to insecure connection - you’d want to be aware of that. But what possible harm can come from the new URL being https:// ?

I’ve never seen that behaviour. You don’t mean the warning you get when you navigate to a page with mixed secure/non-secure content?

It’s not as much a warning as it’s an alternate means of confirming that the page is encrypted. You and I know to look for the lock icon to confirm that a page is encrypted. Other people may want to know that the page is encrypted but they don’t know about the lock icon. The message confirms to them that the page is encrypted.

Imagine a neophyte web user. He starts his web browser and goes to his bank’s website to do online banking. He may be aware that security is a concern but he doesn’t know anything about https, the lock icon, or encryption. He just wants to feel comfortable that using online banking is safe. The message gives him that comfort (if he actually reads it; most people don’t).

You can turn the warning off in options if you want. It’s on as default for people know the security has changed.