History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: LPP-5364
Type: Bug Bug
Status: Resolved Resolved
Resolution: Fixed
Priority: P0 P0
Assignee: Henry Minsky
Reporter: Lorien Henry-Wilkins
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
OpenLaszlo

Running an lzx app using SSL gives nonsecure items warning in internet explorer

Created: 17/Jan/08 10:57 AM   Updated: 31/Jan/08 10:54 AM
Component/s: Browser Integration
Affects Version/s: 4.0.5WaffleCone, RingDing (4.1)
Fix Version/s: RingDing (4.1)

Time Tracking:
Not Specified

Environment: IE 6.0

Severity: Critical
Fixed in Change#: 7,937
Runtime: N/A
Fix in hand: False


 Description  « Hide
When I run the platform test page test/hello.lzx using SSL I get a warning in IE that says "This page contains both secure and nonsecure items. Do you want to display the nonsecure items?" I made a test page in which I stripped out everything from the HTML that requests any resource other than the .lzx file and still get the warning. Here is the most stripped down HTML I used where I still see the warning:

<html>
    <head>
       <title>OpenLaszlo Application</title>
       <script src="https://localhost:8443/trunk-7501/lps/includes/embed-compressed.js" type="text/javascript"></script>
   </head>
   
   <body>
       <script type="text/javascript">
           Lz.swfEmbed({url: 'https://localhost:8443/trunk-7501/test/hello.lzx?lzt=swf', bgcolor: '#ffffff', width: '100%', height: '100%', id: 'lzapp', accessible: 'false'});
       </script>
   </body>
</html>

 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Lorien Henry-Wilkins - 29/Jan/08 10:25 PM
I bet this is caused by the iframe in the history mechanism in IE. The iframe is created without a src, and it probably defaults to about:blank, which is interpreted as http://about:blank.

[ Permlink | « Hide ]
Lorien Henry-Wilkins - 30/Jan/08 10:00 AM
Yup, it's definitely the history iframe. I added a blank html page called blank.html to my lps/includes folder and changed lzhistory.js to set the src of the IE iframe blank.html when it is created (around line 47) and I no longer get the mixed content warning.

[ Permlink | « Hide ]
Henry Minsky - 30/Jan/08 02:08 PM
I cannot seem to reproduce this on my machine, but I can make that patch and check it in and you can see if it fixes
the bug for you.

[ Permlink | « Hide ]
Henry Minsky - 31/Jan/08 10:54 AM
------------------------------------------------------------------------
r7937 | hqm | 2008-01-31 13:53:30 -0500 (Thu, 31 Jan 2008) | 27 lines
Changed paths:
   A /openlaszlo/trunk/lps/includes/blank.html
   M /openlaszlo/trunk/lps/includes/source/lzhistory.js

Change 20080131-hqm-6 by hqm@DADDY_THNKPAD67 on 2008-01-31 13:49:34 EST
    in /cygdrive/c/users/hqm/openlaszlo/trunk
    for http://svn.openlaszlo.org/openlaszlo/trunk

Summary: fix IE6 warning when running lzx app over https

New Features:

Bugs Fixed: LPP-5364

Technical Reviewer: lorien
QA Reviewer: max
Doc Reviewer: (pending)

Documentation:

Release Notes:

Details:

specifies a target for the iframe which otherwise appears to default to appear as
http protocol


Tests:


------------------------------------------------------------------------


Powered by a free Atlassian JIRA open source license for Open Laszlo. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.12-#298) - Bug/feature request - Contact Administrators