Re: Security message when using popup dialog
Martijn Dashorst wrote: look in the source of the page, and possibly try to capture the headers. This will help us in discovering what goes wrong. Haven't been able to find anything in the source referencing this bizarre address. Of course 'View Source' doesn't keep up with dynamic changes made to the HTML document. Here is the request header that I think is causing the problem: GET /dch-apps/mcir/wicket/://0 HTTP/1.1 Accept: */* Referer: https://localhost:7000/dch-apps/mcir/wicket/;jsessionid=cc1740a122b817d48694251b4c9ebfa7f4cb98e303e4?wicket:interface=modal-dialog-pagemap:0 Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) Host: localhost:7000 Connection: Keep-Alive Cookie: PD-S-SESSION-ID=2_3Up0h124Sdjoiwp2xtcs6noIRVFNPvCGgyexh+nKYigzh-Xr; AMWEBJCT!%2Fsom!JSESSIONID=86sQ6Yf_BcJ3mqzjMZdxO1g:-1; PD_STATEFUL_e7b6e27e-0ebe-11dc-b6c7-cc17401eaa77=%2Fsom; IV_JCT=%2Fdch-apps; AMWEBJCT!%2Fdch-apps!JSESSIONID=cc1740a122b817d48694251b4c9ebfa7f4cb98e303e4 And here is the corresponding response: HTTP/1.1 404 Not Found content-type: text/html date: Wed, 31 Oct 2007 12:53:18 GMT p3p: CP=NON CUR OTPi OUR NOR UNI server: Oracle Containers for J2EE x-old-content-length: 148 transfer-encoding: chunked 94 HTMLHEADTITLE404 Not Found/TITLE/HEADBODYH1404 Not Found/H1Resource /dch-apps/mcir/wicket/:/0 not found on this server/BODY/HTML 0 Don't let the localhost:7000 throw you. That's just because I'm routing the request through a program which allows me to capture to request/response headers. It doesn't appear that this same request is being made in FF though. Martijn Dashorst wrote: And please check if you have images without a src attribute or an empty src attribute. That seems to cause problems too (though possibly not this one). No image tags to check in this case. Aside from the images used by the wicket popup, there's only one image on the page at all and it's added via css. We're not really allowed to use graphics in this app (boring). Thanks for the help. Joel -- View this message in context: http://www.nabble.com/Security-message-when-using-popup-dialog-tf4720449.html#a13509156 Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Security message when using popup dialog
look in the source of the page, and possibly try to capture the headers. This will help us in discovering what goes wrong. And please check if you have images without a src attribute or an empty src attribute. That seems to cause problems too (though possibly not this one). Martijn On 10/30/07, hillj2 [EMAIL PROTECTED] wrote: I'm using wicket's popup dialog and it works just fine, but when deploy my app to our test server, which sits behind a proxy using SSL, I get a security message from IE saying This page contains both secure and nonsecure items whenever I open the popup. I've traced it to a 404 error which is returning from a request to SERVLET_PATH/://0. I have no idea where this request is coming from or what resource ://0 is supposed to refer to. This request doesn't appear to get made when I run it on my local machine (of course I'm not using SSL, but I also don't ever see this request get made to my local webserver). Any idea what this path is supposed to be or where it's getting called from? This is wicket 1.3 beta2. Thanks. Joel -- View this message in context: http://www.nabble.com/Security-message-when-using-popup-dialog-tf4720449.html#a13494917 Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Buy Wicket in Action: http://manning.com/dashorst Apache Wicket 1.3.0-beta4 is released Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.3.0-beta4/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]