Alain,
I saw the MS docs on SEC7111, but in this particular case it's not mixed
content. As a matter of fact, the error displayed does not have a reference to
offending resource (as it should) It shows: " HTTPS security is compromised by
(null)"
The content that server returns, and that document.write fails on is <script
type="text/javascript"> window.location.href=" FULL URL HERE WITH HTTPS
protocol "; </script> . We did try writing out a full HTML page - same results
The only mention of similar problem I could find was in BIG-IP support forum,
listing a similar error:
https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/windows-81-ki-suppl-doc.html
(Issue 437652 )
Hope this helps.
--Leonid
----- Original Message -----
From: "alain couthures" <alain.couthu...@agencexml.com>
To: lka...@lifedatasystems.com, xsltforms-support@lists.sourceforge.net
Sent: Monday, November 17, 2014 2:39:15 PM
Subject: Re: [Xsltforms-support] In IE11 in secure mode (https) a call to
document.write fails
Leonid,
Apparently, it might be due to mixed content HTTP/HTTPS
(http://forums.asp.net/t/1777899.aspx?SEC7111+HTTPS+security+is+compromised).
What do you think?
--Alain
Le 17 novembre 2014 à 16:43, lka...@lifedatasystems.com a écrit :
Alain,
As we tested our application that uses XSLTForms 1.0 RC2 we discovered a really
bad bug. I'm pretty sure that is a bug with IE11, and not with XSLTForms, but
the result is that forms submissions under IE11 in HTTPS mode do not work.
Here is what happens. A form in the synchronous mode gets submitted to the
back-end, processed, and a new page is returned successfully. At this time
xsltforms.js executes function defined on line 8120. Then, after some checks it
gets to line 8178 which replaces content of the form page with whatever the
server returned. In all browsers, except IE11 it works fine. IE11 throws a
security error SEC7111, and stops JavaScript processing.
I'm not sure if you can do anything about it, but thought it would be a good
idea to let other people know about it. We temporarily added specific code to
use window.open() for IE11 to bypass the issue, but it is not a generic
solution as we know what URL is the next page.
Thanks for your work!
Leonid Kagan, CTO
Life Data Systems,Inc.
Confidentiality Note: This message is intended for use only by the individual
or entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable law.
<blockquote>
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk_______________________________________________
Xsltforms-support mailing list
Xsltforms-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xsltforms-support
</blockquote>
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Xsltforms-support mailing list
Xsltforms-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xsltforms-support
