Details
Bug
Major
Description
It seems that having an iframe with no src attribute cause problems when running
secure connections "you have no more secure elements"?? User fixed it this way:
"
I added the following line:
iframe.setAttribute("src", "false;");
in com.icesoft.faces.context.DOMResponseWriter, after line 409 (using source
code of version 1.5.1)
Then, I patched icefaces.jar with my new-compiled class. After this, the message
stopped appearing.
"
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion
Ted, what was the reason to remove the 'src' attribute? I know I had it in there and then you wanted to
take it out (it used to point to a blank page). Was it just to save one HTTP request?
Fixed in commit #12856.
Mircea,
Was this committed to both the HEAD and the v1.5 branch? If so, what are the
respective revision numbers?
The commit # is for 1.5 branch.
Javascript error occurs in non-secure mode (IE only).
Fixed in commit #12903 (1.5 branch).
Fixed in commit #12904 (HEAD).
Added "workaround" to test for the environment we're running in. If we're in a Servlet environment the
"src" attribute points to an existing url (/context/xmlhttp/blank.iface) that resolve to the parent frame
URL. If we're in a Portlet environment then the "src" attribute will point to "about:blank" URL.
The latter case should be analized more closely to find the proper solution.
I'm not sure which IFRAME this is but assigning to Mircea as it may be a bridge-generated IFRAME causing
the problem.
Should we consider this for 1.5.2? It is a major shortcoming if ICEfaces applications do not work over
HTTPS.