Re: [Xsltforms-support] In IE11 in secure mode (https) a call to document.write fails
Brought to you by:
alain-couthures
Menu
▾
▴
Re: [Xsltforms-support] In IE11 in secure mode (https) a call to document.write fails
|
From: <lk...@li...> - 2014-11-17 22:25:02
|
Alain, I saw the MS docs on SEC7111, but in this particular case it's not mixed content. As a matter of fact, the error displayed does not have a reference to offending resource (as it should) It shows: " HTTPS security is compromised by (null)" The content that server returns, and that document.write fails on is <script type="text/javascript"> window.location.href=" FULL URL HERE WITH HTTPS protocol "; </script> . We did try writing out a full HTML page - same results The only mention of similar problem I could find was in BIG-IP support forum, listing a similar error: https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/windows-81-ki-suppl-doc.html (Issue 437652 ) Hope this helps. --Leonid ----- Original Message ----- From: "alain couthures" <ala...@ag...> To: lk...@li..., xsl...@li... Sent: Monday, November 17, 2014 2:39:15 PM Subject: Re: [Xsltforms-support] In IE11 in secure mode (https) a call to document.write fails Leonid, Apparently, it might be due to mixed content HTTP/HTTPS (http://forums.asp.net/t/1777899.aspx?SEC7111+HTTPS+security+is+compromised). What do you think? --Alain Le 17 novembre 2014 à 16:43, lk...@li... a écrit : Alain, As we tested our application that uses XSLTForms 1.0 RC2 we discovered a really bad bug. I'm pretty sure that is a bug with IE11, and not with XSLTForms, but the result is that forms submissions under IE11 in HTTPS mode do not work. Here is what happens. A form in the synchronous mode gets submitted to the back-end, processed, and a new page is returned successfully. At this time xsltforms.js executes function defined on line 8120. Then, after some checks it gets to line 8178 which replaces content of the form page with whatever the server returned. In all browsers, except IE11 it works fine. IE11 throws a security error SEC7111, and stops JavaScript processing. I'm not sure if you can do anything about it, but thought it would be a good idea to let other people know about it. We temporarily added specific code to use window.open() for IE11 to bypass the issue, but it is not a generic solution as we know what URL is the next page. Thanks for your work! Leonid Kagan, CTO Life Data Systems,Inc. Confidentiality Note: This message is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. <blockquote> ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk_______________________________________________ Xsltforms-support mailing list Xsl...@li... https://lists.sourceforge.net/lists/listinfo/xsltforms-support </blockquote> |
