Loading http://themes.getbootstrap.com/products/application works fine, but https://themes.getbootstrap.com/products/application doesn't.
From the preview page:
<iframe class="iframe-preview js-iframe" src="//bootstrap-themes.github.io/application"></iframe>With HTTPS, this tries to load https://bootstrap-themes.github.io/application.
$ curl -I "https://bootstrap-themes.github.io/application"
HTTP/1.1 301 Moved Permanently
Server: GitHub.com
Content-Type: text/html
Location: http://bootstrap-themes.github.io/application/
<snip>
Since "application" is a directory, github.io tries to redirect /application to /application/. But for whatever reason, the responding server hardcodes http:// in the Location header, instead of matching the same protocol as the original request. I've tested this on Firefox and Chrome, and both refuse to load a page served over HTTP into an iframe embedded in a page served over HTTPS, due to the mixed content restriction.
Solution: change the src of the iframe to //bootstrap-themes.github.io/application/. This avoids the bad redirect.
