[richfaces-issues] [JBoss JIRA] Updated: (RF-11344) rich:fileUpload causes a browser security warning in IE when using HTTPS

[Lee Theobald (JIRA)]

     [ 
https://issues.jboss.org/browse/RF-11344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Lee Theobald updated RF-11344:
------------------------------

     Original Estimate:     (was: 4 hours)
    Remaining Estimate:     (was: 4 hours)
                Labels: richfaces  (was: )
           Environment: IE7/Windows 7, HTTPS  (was: IE6/Windows XP, HTTPS)
              Priority: Minor  (was: Major)
           Description: 
I believe this is similar to previously fixed bug #4583 : 
https://issues.jboss.org/browse/RF-4583

The Richfaces FileUpload is rendered using an IFrame without a source 
attribute.  When using Internet Explorer, this displays a security warning that 
you are about to view a secure page with unsecure elements.

I've fixed this locally by adding a simple src="javascript:false;" to the 
IFrame via JavaScript on page load.

  was:
The Richfaces ComboBox is rendered using an empty iFrame when using Internet 
Explorer.
This causes IE 6 to display a security warning that you are about to view a 
secure page with unsecure elements because the iFrame has an empty page inside 
which apparently IE considers an unsecure element..

This problem can be easily resolved by putting a relative reference to an empty 
page into the iFrame.

           Component/s: component-input


> rich:fileUpload causes a browser security warning in IE when using HTTPS
> ------------------------------------------------------------------------
>
>                 Key: RF-11344
>                 URL: https://issues.jboss.org/browse/RF-11344
>             Project: RichFaces
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: component-input
>    Affects Versions: 3.2.2
>         Environment: IE7/Windows 7, HTTPS
>            Reporter: Lee Theobald
>            Assignee: Mikhail Vitenkov
>            Priority: Minor
>              Labels: richfaces
>             Fix For: 3.3.0
>
>
> I believe this is similar to previously fixed bug #4583 : 
> https://issues.jboss.org/browse/RF-4583
> The Richfaces FileUpload is rendered using an IFrame without a source 
> attribute.  When using Internet Explorer, this displays a security warning 
> that you are about to view a secure page with unsecure elements.
> I've fixed this locally by adding a simple src="javascript:false;" to the 
> IFrame via JavaScript on page load.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        
_______________________________________________
richfaces-issues mailing list
richfaces-issues@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/richfaces-issues