Tapestry
  1. Tapestry
  2. TAPESTRY-212

DatePicker produces "Security information" dialog in IE on secure connection

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Resolution: Fixed
    • Affects Version/s: 3.0
    • Fix Version/s: 4.1
    • Component/s: Contrib
    • Labels:
      None
    • Environment:
      Operating System: All
      Platform: All

      Description

      When a Tapestry page with DatePicker is accessed using SSL and the user click
      to the DatePicker icon a security warning dialog appears in MS Internet
      Explorer: "Security information - This page contains both secure and nonsecure
      items. Do you want to display the nonsecure items?". It is anoying and seems to
      be caused by <iframe> tag used in calendar. This issue is described at
      http://support.microsoft.com/default.aspx?scid=kb;EN-US;837850&FR=1 .

      I know that again it is MS who is anoying us, but it would be great if it could
      be avoided. I don't know javascript very well, if it is possible to get rid of
      the <iform> tag usage in DatePicker component.

      Thanks,
      Karel

        Activity

        Hide
        Nick Westgate added a comment -

        In the process of implementing a secure site I ran into this problem.
        I found a discussion on the web which mentions some possibilities, though I can't test them right now.
        http://ask-leo.com/can_i_get_rid_of_the_this_page_contains_both_secure_and_nonsecure_items_warning.html

        An option in IE will disable the nag. Not the best solution, but better than replacing all DatePickers before deadline!

        "There is a browser setting in IE6 to turn this off (not sure of earlier browsers). Check out Tools > Internet Options > Security > Custom Level > Miscellaneous > Display mixed content. By default its set to prompt, reset it to Enable."

        Show
        Nick Westgate added a comment - In the process of implementing a secure site I ran into this problem. I found a discussion on the web which mentions some possibilities, though I can't test them right now. http://ask-leo.com/can_i_get_rid_of_the_this_page_contains_both_secure_and_nonsecure_items_warning.html An option in IE will disable the nag. Not the best solution, but better than replacing all DatePickers before deadline! "There is a browser setting in IE6 to turn this off (not sure of earlier browsers). Check out Tools > Internet Options > Security > Custom Level > Miscellaneous > Display mixed content. By default its set to prompt, reset it to Enable."

          People

          • Assignee:
            Unassigned
            Reporter:
            Karel Miarka
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development