htmlArea

A directory of browser-based WYSIWYG editors

  MAIN
INDEX
SEARCH
POSTS
WHO'S
ONLINE
LOG
IN

Home: htmlArea 2: htmlArea 2 & 3 archive (read only): htmlArea v2.0:
Running in a secure enviroment


The htmlArea 2 & 3 editors have been discontinued.

We've made these forums available as a read-only reference and knowledge-base for people using or developing editors based on htmlArea 2 or 3.

Anyone who is interested in taking over version 2 or 3 is free to do so. All we ask is that you choose a new name that doesn't have "htmlarea" in it to avoid confusion with this site. We'll even give you a link in the directory to make it easier for people to find you. If you are developing or hosting an htmlArea based-editor under a new name, please submit it to our directory.

 


hostingfreak
Novice

Sep 5, 2002, 8:52 AM

Post #1 of 7 (10043 views)
Shortcut
Running in a secure enviroment Can't Post

Quick question... when using this tool in a secure area I get a security warning like it is pulling in non secure images. However all of my paths are relative and http:// is being called no where I can see. When I choose NOT to display non-secure images, all images display anyway. My question is, where is this non secure image it is calling and what do I need to change to make it secure?



Thank you.


Dave
Staff / Moderator


Sep 5, 2002, 11:23 AM

Post #2 of 7 (10038 views)
Shortcut
Re: [hostingfreak] Running in a secure enviroment [In reply to] Can't Post

Here's a "bookmarklet" that will show you the source that IE has rendered.

javascript:w=window.open();d=w.document;d.open("text/plain");d.write(document.body.outerHTML);d.close();

Go to the page with the editor, copy and paste this into the address bar (make sure it's all on one line) and you'll get a popup with the source. Just search for http: and you should be able to find your rogue image. : )

Note: This is different from the regular view source, this shows you the actual current state of the page, after javascript has added and modified things. So you'll actually be able to see an iframe tag and all the buttons for the wysiwyg editor.

This also works on pages with right-click disabled and fancy javascript encoding to hide their source because it shows you what IE see's after javascript has run, not just the original page source sent from the web server.

Dave Edis - Senior Developer
interactivetools.com


hostingfreak
Novice

Sep 5, 2002, 12:03 PM

Post #3 of 7 (10034 views)
Shortcut
Re: [Dave] Running in a secure enviroment [In reply to] Can't Post

Interesting... the souce shows all secure images. I also tried this using the example in the tar file - unchanged but using the secure area. Still is giving a security warning. Any other ideas?


Dave
Staff / Moderator


Sep 5, 2002, 12:41 PM

Post #4 of 7 (10030 views)
Shortcut
Re: [hostingfreak] Running in a secure enviroment [In reply to] Can't Post

Hmm, are you using IE 6? Try View -> Privacy Report. It should give you a list of all the objects on the page. Does that show anything? You might need to select "Yes" when it asks if you want to display the non-secure items for them to show up in the list.

Dave Edis - Senior Developer
interactivetools.com


hostingfreak
Novice

Sep 5, 2002, 12:58 PM

Post #5 of 7 (10026 views)
Shortcut
Re: [Dave] Running in a secure enviroment [In reply to] Can't Post

Using IE 5.50.. do not have the privacy report option...


Dave
Staff / Moderator


Sep 5, 2002, 1:59 PM

Post #6 of 7 (10023 views)
Shortcut
Re: [hostingfreak] Running in a secure enviroment [In reply to] Can't Post

Hmm, well, I'm not sure. If it's a public URL you could email it to me (dave@interactivetools.com) and I could take a look. You don't get the mixed content error when you comment out the editor_generator line right?

Dave Edis - Senior Developer
interactivetools.com


hostingfreak
Novice

Sep 5, 2002, 2:50 PM

Post #7 of 7 (10020 views)
Shortcut
Re: [Dave] Running in a secure enviroment [In reply to] Can't Post

Looks to be some bug in IE 5.5, at least according to posts on Google. Having to do with javascript calling images in JS code. Looks like the only fix is to update the browser.

 
 
 


Search for (options)