Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Warning about insecure content

Status
Not open for further replies.

Pichdude

Programmer
Aug 24, 2005
66
SE
Hi,

I run my web-app in https. On one jsp i present a javascript with a calendar. This calender has relative links to images. When calendar is loaded I get a warning about insecure content in IE (not in FF). I thought that since my img tags are relative the would also be https, but I guess I was wrong. Is there any way in javascript to set that the images should be located using https? I cannot use absolute links.

Best regards

Pichdude
 
When using https, your image references will be automatically converted to an https image request.

I've only ran into this problem one time, and that was when attempting to access a frame that wasn't declared https (omfg, yes I've used frames before... but in my defense, it was to prevent a <select> element from showing through a div popup)

You said that you don't want to go through and explicitly define all the image requests as https because they cannot be absolute links. However, if I was to guess that's where I'd say your problem lies. If somewhere in the code you've defined the image with an absolute link with the non-secure protocol, it would cause this problem. Make sure you don't have any image references with http in them, they need to all be non-absolute references.

Aside from seeing your code or a link to your page, that's the best suggestion I can offer.

-kaht

Lisa, if you don't like your job you don't strike. You just go in every day and do it really half-assed. That's the American way. - Homer Simpson

[small]<P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <.</B>[/small]
 
I think I have located the problem, however I do not know how to solve it. The warning about unsecure content only appears in IE6, not in IE7 and FF. In the the calender javascript an iframe is created if browser is IE6 or less:

if (navigator.appVersion.indexOf("MSIE")!=-1){
if(parseFloat(navigator.appVersion.split("MSIE")[1]) <= 6.0){
var bgCal = document.all ? document.all.item("dpCalIFrame") : document.getElementById("dpCalIFrame");

if(bgCal == null){
bgCal = document.createElement("iframe");
bgCal.id = "dpCalIFrame";
bgCal.style.display = "none";
bgCal.style.position = "absolute";
bgCal.frameBorder = "0";
document.body.appendChild(bgCal);
}
cal.style.zIndex = 100;

bgCal.style.zIndex = cal.style.zIndex - 1;
bgCal.style.top = cal.offsetTop;
bgCal.style.left = cal.offsetLeft;

bgCal.style.width = cal.offsetWidth - 15;
bgCal.style.height = cal.offsetHeight;
bgCal.style.display = cal.style.display;
}
}


Could this script be the problem?

Best regards

Pichdude
 
Could this script be the problem?

Yup, and that's the same thing I was attempting when I ran into the problem - creating an invisible frame to sit between the popup and the content of the page so that dropdowns don't show through your popup content.

The way I fixed it was to create an empty file called blank.html and set the src of the frame to that. That fixed the warnings and didn't affect any functionality.

-kaht

Lisa, if you don't like your job you don't strike. You just go in every day and do it really half-assed. That's the American way. - Homer Simpson

[small]<P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <B> <P> <.</B>[/small]
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top