Hello, although I use an old xsltforms version (r574) I have the same error using IE10 (we are tring to support IE10 in our xsltforms web): "HTTPS security is compromised by (null)". I think this problem still appears in newest version.
I have no problem with IE8, Firefox and Chrome. All the web is using
https, and no http request is done.
We have the problem in two situations:
* Using asynchronous submissions. To avoid the problem I have change js
code to force synchronous request in IE10:
isIE9 : navigator.userAgent.match(/\bMSIE\b/) &&
!navigator.userAgent.match(/\bOpera\b/) && window.addEventListener,
+ isIE10 : navigator.userAgent.match(/\bMSIE\b/) && window.FileReader,
isIE6 : navigator.userAgent.match(/\bMSIE 6\.0/),
-------
this.synchr = synchr;
+ //jde - Tenemos problemas con el modo asíncrono en Explorer 10,
lo hacemos siempre síncrono
+ if (XsltForms_browser.isIE10) {
+ this.synchr = true;
+ }
this.show = show;
I don't know if it is a better way to solve this problem, it works for me.
* Using triggers to make submissions that replace form:
I have in model:
<xf:submission id="ver_detalle" method="get" validate="false()"
ref="instance('tareaSeleccionada')" replace="all"
resource="WGOLIATH/TAREAS/detalleTarea.xml">
And in view:
<xf:action ev:event="DOMActivate">
<xf:setvalue ref="instance('tareaSeleccionada')/tareaSeleccionada"
model="datos" value="instance('tareas')/tarea
s_generadas/vct[index('lista-tareas-generadas')]/elm[1]"/>
<xf:send submission="ver_detalle"/>
</xf:action>
Debugging code, when new html replaces old one with document.write
method, error SEC7111 appears. When using a submit control it works ok:
<xf:submit submission="enviar">
<xf:label>Generar</xf:label>
</xf:submit>
Unfortunately, not always it is possible to use it, when some aditional
logic it is necessary.
To solve this problem, I forced to open the result in a new window. It
is not a good solution, but at least, web page is usable.
+ if (XsltForms_browser.isIE10 && this.replace === "all") {
+ this.show = "new";
+ }
Another way to solve the problem is to force IE8 compatibility using the
following:
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8"/>
But it causes not being able to use FileReader API to upload files.
Do you know any other better way to solve this problems?
Best Regards,
Javier
El 17/11/14 a las 23:24, [email protected] escribió:
> Alain,
> I saw the MS docs on SEC7111, but in this particular case it's not
> mixed content. As a matter of fact, the error displayed does not have
> a reference to offending resource (as it should) It shows: "|HTTPS
> security is compromised by (null)"|
>
> The content that server returns, and that document.write fails on is
> <script type="text/javascript"> window.location.href="FULL URL HERE
> WITH HTTPS protocol"; </script>. We did try writing out a full HTML
> page - same results
>
> The only mention of similar problem I could find was in BIG-IP support
> forum, listing a similar
> error:https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/windows-81-ki-suppl-doc.html
> (Issue 437652)
>
> Hope this helps.
>
> --Leonid
>
> ------------------------------------------------------------------------
> *From: *"alain couthures" <[email protected]>
> *To: *[email protected], [email protected]
> *Sent: *Monday, November 17, 2014 2:39:15 PM
> *Subject: *Re: [Xsltforms-support] In IE11 in secure mode (https) a
> call to document.write fails
>
> Leonid,
>
> Apparently, it might be due to mixed content HTTP/HTTPS
> (http://forums.asp.net/t/1777899.aspx?SEC7111+HTTPS+security+is+compromised).
>
>
> What do you think?
>
> --Alain
>
> Le 17 novembre 2014 à 16:43, [email protected] a écrit :
>
> Alain,
> As we tested our application that uses XSLTForms 1.0 RC2 we
> discovered a really bad bug. I'm pretty sure that is a bug with
> IE11, and not with XSLTForms, but the result is that forms
> submissions under IE11 in HTTPS mode do not work.
> Here is what happens. A form in the synchronous mode gets
> submitted to the back-end, processed, and a new page is returned
> successfully. At this time xsltforms.js executes function defined
> on line 8120. Then, after some checks it gets to line 8178 which
> replaces content of the form page with whatever the server
> returned. In all browsers, except IE11 it works fine. IE11 throws
> a security error SEC7111, and stops JavaScript processing.
>
> I'm not sure if you can do anything about it, but thought it would
> be a good idea to let other people know about it. We temporarily
> added specific code to use window.open() for IE11 to bypass the
> issue, but it is not a generic solution as we know what URL is the
> next page.
>
> Thanks for your work!
>
> Leonid Kagan, CTO
> Life Data Systems,Inc.
> Confidentiality Note: This message is intended for use only by the
> individual or entity to which it is addressed and may contain
> information that is privileged, confidential, and exempt from
> disclosure under applicable law.
>
>
>
>
>
> ------------------------------------------------------------------------------
>
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and
> Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration
> & more
> Get technology previously reserved for billion-dollar
> corporations, FREE
>
> http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk_______________________________________________
>
> Xsltforms-support mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/xsltforms-support
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
> from Actuate! Instantly Supercharge Your Business Reports and Dashboards
> with Interactivity, Sharing, Native Excel Exports, App Integration & more
> Get technology previously reserved for billion-dollar corporations, FREE
> http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
>
>
> _______________________________________________
> Xsltforms-support mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/xsltforms-support
<<attachment: jdiaz.vcf>>
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Xsltforms-support mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xsltforms-support
