[jboss-jira] [JBoss JIRA] Created: (JBPORTAL-2012) IE6 SSL iframe security warnings
Ryan Carmichael (JIRA)
jira-events at lists.jboss.org
Mon May 12 09:37:21 EDT 2008
IE6 SSL iframe security warnings
--------------------------------
Key: JBPORTAL-2012
URL: http://jira.jboss.com/jira/browse/JBPORTAL-2012
Project: JBoss Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Portal Core, Portal Security, Portal Web
Affects Versions: 2.6.4 Final
Environment: Internet Explorer 6
Reporter: Ryan Carmichael
Assigned To: Julien Viet
IE6 displayed warning "This page contains both secure and nonsecure items" appears on every page when using SSL. This seems to be cause by IE6 not handling iframe src set to "". The fix is:
---
server/default/deploy/jboss-portal.sar/portal-core.war/layouts/common/modal.jsp
change iframe src=""
to
iframe src="javascript:''"
---
---
server\default\deploy\jboss-portal.sar\portal-core.war\WEB-INF\jsp\header\header.jsp
change
<script type="text/javascript">
//we don't need the iframe/modal if logged in
document.getElementById('loginIframe').src = '';
</script>
to
<script type="text/javascript">
//we don't need the iframe/modal if logged in
document.getElementById('loginIframe').src = "javascript:''";
</script>
---
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list