Opened 9 years ago

Closed 9 years ago

#16817 closed defect (wontfix)

[IE7 and HTTPS] IE7 throws a Security Information: This page contains both secure and nonsecure items

Reported by: Paul Christopher Owned by:
Priority: undecided Milestone: tbd
Component: General Version: 1.8.3
Keywords: Cc:
Blocked By: Blocking:



Running the attached test case in IE8 with IE7 mode enabled gives a warning dialog box:

"Security Information: This page contains both secure and nonsecure items"

Please note: This behaviour is not reproducible on IE9 with IE7 mode enabled, but IE7 only or IE8 in IE7 mode.

The strange thing is: The test page contains just a simple dijit/form/ValidationTextBox and and dijit/form/Button. So I have no idea why IE7 thinks, there are nonsecure items...

Steps to reproduce the issue

Deploy the test file on your server. Run it with https://... and not http://. In IE7, this triggers a warning message as described above.


Does the new AMD loader cause the trouble? Or am I just making a stupid mistake? Sorry for the imprecise ticket this time...

Attachments (1)

testRemoveWarning.htm (1.6 KB) - added by Paul Christopher 9 years ago.

Download all attachments as: .zip

Change History (8)

Changed 9 years ago by Paul Christopher

Attachment: testRemoveWarning.htm added

comment:1 Changed 9 years ago by bill

See also #8373 and #6603. Not sure if it's worth fixing this though; we dropped IE7 from our list of supported browsers.

comment:2 Changed 9 years ago by Paul Christopher

Our customer still uses IE7, and I thought that IE7 is still supported in Dojo 1.x. I personally have now idea how to debug this issue. Could you give me a hint how to spot the neuralic point?

The problem is, that I only get a warning message but no hint, what actually is considered as nonsecure by the browser.

The tickets you have mentioned above are closed as "fixed" (whereas one of the tickets is a duplicate of the other ticket).

Apparently, something else seems to cause the trouble now...

comment:3 Changed 9 years ago by bill

These problems are always tricky, and seem to be random. It could be an <img> node that it tries to load, accessing blank.gif and not liking the path to it. We went through pains to get that to work without errors but it seems to be different for every person.

comment:4 Changed 9 years ago by Paul Christopher

Bill, thank you very much for that hint!

Indeed it was the img url. I could fix it by adjusting the config.blankGif and config.blankHtmlUrl.

Puhh, happy that I could resolve that issue...

comment:5 Changed 9 years ago by bill

OK good. Was something weird about the image URL? Isn't it just a relative path without http:// or anything like that?

comment:6 Changed 9 years ago by Paul Christopher

I have just specified a fully qualified path for blank.gif and blank.html with the above mentioned config parameters. And this did the trick, luckily.


<script src="js/dojo/dojo.js" data-dojo-config="async:true, parseOnLoad:true, blankGif:'https://myserver/dojo/resources/blank.gif', blankHtmlUrl:'https://myserver/dojo/resources/blank.html' "></script>

comment:7 Changed 9 years ago by bill

Resolution: wontfix
Status: newclosed

OK. My memory is that we are using (what I consider) a perfectly reasonable URL like "../dojo/resources/blank.gif" or "/dojo/resources/blank.gif" or javascript:"", and it still complains for some people, so I think that's the only workaround. Glad it's working for you.

Note: See TracTickets for help on using tickets.