
Twitter loads some JavaScript files from edgecastcdn.net and twimg.com. The browser blocks these loads because they are from third-party domains, which is a big risk. Loading a script from a third party exposes anything secret or private on the page to the third party. Of course twimg.com is _probably_ owned and operated by Twitter, but it could be anyone. They’re not even registered through the same registrar, they have different registrant information, etc, etc. One is reported to be in Arizona, the other in California.

This is exactly how information about you is leaked to advertisers. Maybe the scripts you load from those third-party domains are harmless, or maybe they send everything you see and type back to the third party.

There is JavaScript on the page that detects the failure and puts up the error message blaming the browser. Really the browser is taking a completely legitimate action, and Twitter could get around it by simply hosting all of their JavaScript on the same domain that you visit. If you visit x.com it would load JavaScript from x.com. But if you visit twitter.com, it would load the same JavaScript files from twitter.com URLs instead. Or twitter.com could just redirect you to x.com. Either way, the problem would be solved. But asking you to turn off strict browsing mode enables Twitter to load JavaScript from real third parties that just want to advertise to you.
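The mechanics the comment above describes, as an added example that is not code from the thread or from Twitter: classify each `<script src>` a page loads as same-origin, same-site or third-party relative to the document origin, rewrite a third-party script URL to the same path on the page's own origin (the fix the commenter proposes), and show the `onerror`-based detection that a blocked load triggers. The hostnames twitter.com, x.com, abs.twimg.com and edgecastcdn.net come from the thread; the script path `/js/app.js`, the `tryLoad` callback and the loader plumbing are assumptions for illustration.

```javascript
// Added example, not the page's or Twitter's code. Hostnames from the thread;
// the script path and loader plumbing are assumed.

// Approximate the registrable domain (eTLD+1) by the last two labels.
// Browsers use the Public Suffix List; this shortcut misclassifies hosts
// under multi-label suffixes such as example.co.uk.
function registrableDomain(hostname) {
  const labels = hostname.toLowerCase().split(".");
  return labels.slice(-2).join(".");
}

// Classify a script URL against the page URL:
//   "same-origin"  scheme, host and port all match (no cross-origin exposure)
//   "same-site"    different origin, same registrable domain (api.twitter.com)
//   "third-party"  different registrable domain (abs.twimg.com, edgecastcdn.net)
function classifyScript(pageUrl, scriptUrl) {
  const page = new URL(pageUrl);
  const script = new URL(scriptUrl, pageUrl); // relative src resolves against the page
  if (script.origin === page.origin) return "same-origin";
  if (registrableDomain(script.hostname) === registrableDomain(page.hostname)) {
    return "same-site";
  }
  return "third-party";
}

// Audit a list of <script src> values and keep only the third-party ones.
function thirdPartyScripts(pageUrl, scriptUrls) {
  return scriptUrls.filter((u) => classifyScript(pageUrl, u) === "third-party");
}

// Rewrite a third-party script URL so the same path is served from the page's
// own origin: twitter.com serves /js/app.js itself instead of fetching it
// from a CDN host, so a third-party blocker has nothing to block.
function sameOriginAlternative(pageUrl, scriptUrl) {
  const page = new URL(pageUrl);
  const script = new URL(scriptUrl, pageUrl);
  return page.origin + script.pathname + script.search;
}

// Pure selection logic: try candidates in order and report which one loaded.
// tryLoad(url) returns true on success, false when the load was blocked.
// Kept separate from the DOM so it runs without a browser.
function firstLoadable(candidates, tryLoad) {
  for (const url of candidates) {
    if (tryLoad(url)) return url;
  }
  return null; // every candidate blocked: the point where a page blames the browser
}

// Browser-only loader: a tracking blocker makes the <script> element fire
// onerror, which is the signal page JavaScript uses to show the error message.
function loadScript(src) {
  return new Promise((resolve, reject) => {
    const el = document.createElement("script");
    el.src = src;
    el.onload = () => resolve(src);
    el.onerror = () => reject(new Error("script load blocked: " + src));
    document.head.appendChild(el);
  });
}

// Browser usage (skipped under Node): load the same-origin copy first and
// only fall back to the CDN copy if that fails. Trying the CDN first is the
// ordering that lets a blocker trigger the "your browser blocked it" message.
if (typeof document !== "undefined") {
  const cdn = "https://abs.twimg.com/js/app.js"; // assumed path
  loadScript(sameOriginAlternative(location.href, cdn)).catch(() => loadScript(cdn));
}
```

Run under Node to exercise the classification and rewrite logic; the DOM loader at the bottom only executes in a browser. The eTLD+1 shortcut is the one caveat to watch: for a page under a suffix like co.uk it will call unrelated hosts "same-site", so a production version should use the Public Suffix List.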



Strict tracking protection mode does not block third-party JavaScript. Are you referring to another extension you have enabled?


Yea, I simplified that a bit. It blocks specific third-party domains that are known to host advertising trackers.


Of course twimg.com is _probably_ owned and operated by Twitter.

https://www.whois.com/whois/twimg.com

Looking at the registrant email confirms that it is. I've seen the twimg domain a lot as it's used for their images (pbs.twimg.com) too.


I know, I was being slightly sarcastic. But on a serious note there’s nothing about the registration info for x.com that indicates that it is owned by Twitter.


It’s certainly owned by them at the moment.


Kinda like the same issue with running Zoom in the browser and not having a persistent login session.

https://devforum.zoom.us/t/stay-signed-in-doesnt/63329/3


Can users whitelist select domains that are "trusted"?


What are some tools/techniques that one can use to figure out the above using Firefox?



