htmlArea

A directory of browser-based WYSIWYG editors

  MAIN
INDEX
SEARCH
POSTS
WHO'S
ONLINE
LOG
IN

Home: htmlArea 3 (beta): htmlArea 2 & 3 archive (read only): htmlArea v3.0 - Discussion:
https secure issue


The htmlArea 2 & 3 editors have been discontinued.

We've made these forums available as a read-only reference and knowledge-base for people using or developing editors based on htmlArea 2 or 3.

Anyone who is interested in taking over version 2 or 3 is free to do so. All we ask is that you choose a new name that doesn't have "htmlarea" in it to avoid confusion with this site. We'll even give you a link in the directory to make it easier for people to find you. If you are developing or hosting an htmlArea based-editor under a new name, please submit it to our directory.

 


psychobabble
Novice

Mar 9, 2003, 4:05 PM

Post #1 of 10 (7041 views)
Shortcut
https secure issue Can't Post

I am putting this code on the secure side of my website. I am getting an error that says this page contains secure and unsecure objects yada ya. IN I.E 5.5 anyway. Long story short I have put the code inline and also referenced outside the page and have linked all urls via https and relative back and forth etc.. Wanting now to strangle I.E with my tiny little hands until it begs for mercy. Has anyone else had this problem or could they point me to where in the code may being causing I.E. to throw this exception on the security side.



Thank you


psychobabble
Novice

Mar 10, 2003, 12:15 PM

Post #2 of 10 (7021 views)
Shortcut
Re: [psychobabble] https secure issue [In reply to] Can't Post

Okay I solved my own problem.. If someone else has issues with putting this code behind a secure server the trick is in the iFrame. when the iFrame is called as an object its source is nothing which i think tricks the browser into believing there could be "unsecure" data coming from that object since iFrames can call content outside your page. I solved the problem by adding one line of code. iFrame.src="blank.htm" and dropped a blank html page where i was editing the information. Low and behold the security alert went away. I also noticed it didn't care if my page was there or not(blank.htm). So putting the physical blank.htm page there was just a formality.


tcamos
Novice

May 21, 2003, 11:31 AM

Post #3 of 10 (6916 views)
Shortcut
Post deleted by tcamos [In reply to]

 


ck_tung
Novice

May 21, 2003, 8:21 PM

Post #4 of 10 (6906 views)
Shortcut
Re: [psychobabble] https secure issue [In reply to] Can't Post

Good shoot!

I found if the url is set to a non blank page,
then the iframe won't work under mozilla 1.3a on win2000.
And if the url is set to a blank page,
then mozilla 1.3a on Linux won't work.

So I suggest to set this only if browser is IE and the is what I added:
(after the 'var iframe = document.createElement("iframe");' line)

if (HTMLArea.is_ie) {
// tricky! set src to local url to turn off SSL security alert
iframe.src = this.config.popupURL+"blank.html";
}

Thanks again.


(This post was edited by ck_tung on May 27, 2003, 12:43 AM)


ck_tung
Novice

May 21, 2003, 8:23 PM

Post #5 of 10 (6907 views)
Shortcut
Re: [tcamos] https secure issue [In reply to] Can't Post

Hi Tcamos,

It is about line 386 of htmlarea.js, just after the following block

// create the IFRAME
var iframe = document.createElement("iframe");

Regards.


tcamos
Novice

May 22, 2003, 8:22 AM

Post #6 of 10 (6890 views)
Shortcut
Post deleted by tcamos [In reply to]

 


HLHarkins
Novice

Jun 11, 2003, 3:58 PM

Post #7 of 10 (6814 views)
Shortcut
Re: [ck_tung] https secure issue [In reply to] Can't Post

Hi there --

I was so happy to see this fix! We have users who are very "security" sensitive!

It definitely works nicely for us, so far. But I wanted to let you know that, if you're logging 404 errors, you actually do need to create a file in the location that it's being sought by the script. We have our system set up to email us regarding various errors, and the page is definitely throwing 404s related to popups/blank.html.

Thanks, again, for the great fix and thoroughness!

We're endebted to you

HLHarkins Sly


rgurganus
New User

Sep 18, 2003, 9:09 AM

Post #8 of 10 (6560 views)
Shortcut
Re: [tcamos] https secure issue [In reply to] Can't Post

Can you reference in which files the http was changed to https? I just downloaded v.3, and the only references to http:// that I see are where it links to interactivetools.com. Thanks.


agf
User

Mar 26, 2004, 11:55 AM

Post #9 of 10 (5886 views)
Shortcut
Re: [ck_tung] https secure issue [In reply to] Can't Post

(after the 'var iframe = document.createElement("iframe");' line)

if (HTMLArea.is_ie) {
// tricky! set src to local url to turn off SSL security alert
iframe.src = this.config.popupURL+"blank.html";
}

That worked great! Thanks


jaypee
Novice

Dec 23, 2004, 2:58 AM

Post #10 of 10 (5009 views)
Shortcut
Re: [agf] https secure issue [In reply to] Can't Post

The only problem with this fix as I see it, is that it makes the running of HTML area count two times in browser history. And when you hit the browser back button you get "permission denied". Does this problem occur in other browsers than IE6.0?

 
 
 


Search for (options)