You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@myfaces.apache.org by "Vadim Fainshtein (JIRA)" <de...@myfaces.apache.org> on 2007/06/25 17:13:26 UTC
[jira] Created: (TOMAHAWK-1034) Warning page contains secure and
nonsecure items on IE when using https
Warning page contains secure and nonsecure items on IE when using https
-----------------------------------------------------------------------
Key: TOMAHAWK-1034
URL: https://issues.apache.org/jira/browse/TOMAHAWK-1034
Project: MyFaces Tomahawk
Issue Type: Bug
Components: InputSuggestAjax
Affects Versions: 1.1.6
Environment: IE 6, IE 7
Reporter: Vadim Fainshtein
TabbleSuggestAjax in IE with SSL pops up a warning message "This page contains both secure and nonnsecure items".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (TOMAHAWK-1034) Warning page contains secure and
nonsecure items on IE when using https
Posted by "Tomasz Bech (JIRA)" <de...@myfaces.apache.org>.
[ https://issues.apache.org/jira/browse/TOMAHAWK-1034?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tomasz Bech updated TOMAHAWK-1034:
----------------------------------
Status: Patch Available (was: Open)
> Warning page contains secure and nonsecure items on IE when using https
> -----------------------------------------------------------------------
>
> Key: TOMAHAWK-1034
> URL: https://issues.apache.org/jira/browse/TOMAHAWK-1034
> Project: MyFaces Tomahawk
> Issue Type: Bug
> Components: InputSuggestAjax
> Affects Versions: 1.1.6
> Environment: IE 6, IE 7
> Reporter: Vadim Fainshtein
>
> TabbleSuggestAjax in IE with SSL pops up a warning message "This page contains both secure and nonnsecure items".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (TOMAHAWK-1034) Warning page contains
secure and nonsecure items on IE when using https
Posted by "Tomasz Bech (JIRA)" <de...@myfaces.apache.org>.
[ https://issues.apache.org/jira/browse/TOMAHAWK-1034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12603003#action_12603003 ]
tomasz.bech edited comment on TOMAHAWK-1034 at 6/6/08 4:32 AM:
---------------------------------------------------------------
Here is workaround for the problem.
After several tries with changing to new dojo, etc, I've found that the issue is related with dynamicaly loaded .js files (by dojo.require function).
I have no idea why it generates the error on IE in some cases, but there is a way to avoid it - by loading required .js files directly from .html.
In patch I've provided the jsp (just include it in all pages where the inputSuggestBox is used) and complete directory with .js files (after patch check if Firebug if .js are taken from new location instead of from tomahawk.jar internal servlet)
Those .js files comes from tomahawk 1.1.6 distribution except ComboBox.js (this file was taken from dojo-.0.4.3-kitchen-sink and modified slightly to support proper inline template (line 143, member: templateString).
By that there are no 'on demand' loading' of resources by dojo and inputSuggestBox works under IE and https.
Note: This patch cannot be included tomahawk.jar - the real problem of 'dojo.require' has to be found. Simply upgrading to dojo-0.4.3 inside tomahawk didn't resolve the issue as well.
was (Author: tomasz.bech):
Here is workaround for the problem.
After several tries with changing to new dojo, etc, I've found that the issue is related with dynamicaly loaded .js files (by dojo.require function).
I have no idea why it generates the error on IE in some cases, but there is a way to avoid it - by loading required .js files directly from .html.
In patch I've provided the jsp (just include it in all pages where the inputSuggestBox is used) and complete directory with .js files (after patch check if Firebug if .js are taken from new location instead of from tomahawk.jar internal servlet)
Those .js files comes from tomahawk 1.1.6 distribution except ComboBox.js (this file was taken from dojo-.0.4.3-kitchen-sink and modified slightly to support proper inline template (line 143, member: templateString).
By that there are no 'on demand' loading' of resources by dojo and inputSuggestBox works under IE and https.
Note: This patch cannot be included tomahawk.jar - the real problem of 'dojo.require' has to be found. Simply upgrading to dojo-0.4.3 inside tomahawk didn't resolved the issue as well.
> Warning page contains secure and nonsecure items on IE when using https
> -----------------------------------------------------------------------
>
> Key: TOMAHAWK-1034
> URL: https://issues.apache.org/jira/browse/TOMAHAWK-1034
> Project: MyFaces Tomahawk
> Issue Type: Bug
> Components: InputSuggestAjax
> Affects Versions: 1.1.6
> Environment: IE 6, IE 7
> Reporter: Vadim Fainshtein
> Attachments: inputSiggestBox-patch.zip
>
>
> TabbleSuggestAjax in IE with SSL pops up a warning message "This page contains both secure and nonnsecure items".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TOMAHAWK-1034) Warning page contains secure and
nonsecure items on IE when using https
Posted by "Chris bush (JIRA)" <de...@myfaces.apache.org>.
[ https://issues.apache.org/jira/browse/TOMAHAWK-1034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12644991#action_12644991 ]
Chris bush commented on TOMAHAWK-1034:
--------------------------------------
The workaround I found for the problem was to comment out the dojo.a11y.setAccessibleMode(); in the dojo.widget.buildWidgetFromParseTree within the dojo.js that is provided inside the tomahawk library. This issue I had with tomahawk-1.1.5.
The accessibleMode setting was causing a background image to be loaded that IE could not determine to be secure. Looks like this:
div.style.backgroundImage = "url(\"" + this.imgPath + "/tab_close.gif\")";
imgPath:dojo.uri.dojoUri("src/widget/templates/images")
Once this change was made, the problem went away and InputSuggestAjax worked just as expected.
> Warning page contains secure and nonsecure items on IE when using https
> -----------------------------------------------------------------------
>
> Key: TOMAHAWK-1034
> URL: https://issues.apache.org/jira/browse/TOMAHAWK-1034
> Project: MyFaces Tomahawk
> Issue Type: Bug
> Components: InputSuggestAjax
> Affects Versions: 1.1.6
> Environment: IE 6, IE 7
> Reporter: Vadim Fainshtein
> Attachments: inputSiggestBox-patch.zip
>
>
> TabbleSuggestAjax in IE with SSL pops up a warning message "This page contains both secure and nonnsecure items".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TOMAHAWK-1034) Warning page contains secure and
nonsecure items on IE when using https
Posted by "Tomasz Bech (JIRA)" <de...@myfaces.apache.org>.
[ https://issues.apache.org/jira/browse/TOMAHAWK-1034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12607509#action_12607509 ]
Tomasz Bech commented on TOMAHAWK-1034:
---------------------------------------
As I wrote, it is workaround.
Some .js files which are used by inputSuggestBox are bundled in dojo part of tomahawk (inside jar) and loaded on demand. I found out, that loading those scripts 'on demand' causes the 'nonsecure' message in IE, but I couldn't find the reason - maybe a developer from dojo project should be contacted / can help - Leonardo, as a committer of tomahawk, can you ask someone from dojo to have a look on this issue?. The idea of workaround is to load those scripts directly from jsp page and there is no way to make THIS workaround as a patch inside tomahawk, it can only be applied in application .war file. Zip which is attached contains files, which should be put in .war and jsp page to be included in projects jsps.
This is really unique component (I see no other which can be used instead), so it would be good to have a real PATCH. For now there is at least workaround.
> Warning page contains secure and nonsecure items on IE when using https
> -----------------------------------------------------------------------
>
> Key: TOMAHAWK-1034
> URL: https://issues.apache.org/jira/browse/TOMAHAWK-1034
> Project: MyFaces Tomahawk
> Issue Type: Bug
> Components: InputSuggestAjax
> Affects Versions: 1.1.6
> Environment: IE 6, IE 7
> Reporter: Vadim Fainshtein
> Attachments: inputSiggestBox-patch.zip
>
>
> TabbleSuggestAjax in IE with SSL pops up a warning message "This page contains both secure and nonnsecure items".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TOMAHAWK-1034) Warning page contains secure and
nonsecure items on IE when using https
Posted by "Leonardo Uribe (JIRA)" <de...@myfaces.apache.org>.
[ https://issues.apache.org/jira/browse/TOMAHAWK-1034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12606970#action_12606970 ]
Leonardo Uribe commented on TOMAHAWK-1034:
------------------------------------------
The attached patch is not in diff or patch format (using a svn tool). I don't know how to apply it!!!! what is the purpose of dojo-patch.jsp? what are stabile.js and where is PopupContainer.jsp?
Could you provide us a patch that we can review and apply on tomahawk?
Your contributions will be appreciated
> Warning page contains secure and nonsecure items on IE when using https
> -----------------------------------------------------------------------
>
> Key: TOMAHAWK-1034
> URL: https://issues.apache.org/jira/browse/TOMAHAWK-1034
> Project: MyFaces Tomahawk
> Issue Type: Bug
> Components: InputSuggestAjax
> Affects Versions: 1.1.6
> Environment: IE 6, IE 7
> Reporter: Vadim Fainshtein
> Attachments: inputSiggestBox-patch.zip
>
>
> TabbleSuggestAjax in IE with SSL pops up a warning message "This page contains both secure and nonnsecure items".
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.