This looks wrong (it could be a bug fixed since 7.4.x is quite old now) since it should use HTTPS and not HTTP.
Could you reproduce on a recent XWiki version?
> My xwiki works over https (if I go directly to https://xwiki-test/ then
> after xwiki redirect me to login page over https) .
> In xwiki.cfg:
> On this page /xwiki/bin/view/XWiki/XWikiServerXwiki :
> SECURE (SSL): 1
> Iframe code:
> <iframe src="https://xwiki-test/xwiki/bin/view/Main/" >
> Why xwiki uses http redirect ?
When you request a protected page of the wiki and you’re not logged in then xwiki will ask you to log in and then redirect it to the page you were accessing initially.