I have a web app that runs over ssl. Nothing on the page ever points outside of the secure domain, but if I change a frame's contents via JavaScript, Mozilla assumes that the page is not completely secure and displays a warning to this effect.
I've read through: http://bugzilla.mozilla.org/show_bug.cgi?id=155760 and can see no valid reason for this behavior. Interestingly, IE 5.5 does not have this behavior. What are average, non-computer-specialist users going to think if they use Netscape 7.x and go to a secure site that has some DHTML on it that changes the content of a frame, and get a security warning? They are not going to want to do business on that site, and that site's owners will have a motivation to encourage users to use a browser other than N7.x. Sounds like a bug to me. Perhaps instead of a frame for my targeted user interface element I should use a div. Yet frames are standard web u.i. idiom, and should be fully supported. My site is not up yet, but the bug report above gives a full example of the problem. Is there a final word on this issue from Mozilla/Netscape? If so, where may I read about it?
