Project

General

Profile

Actions

Bug #60886

closed

Backend via https throws "SEC7111: HTTPS security is compromised by res://ieframe.dll/dnserrordiagoff.htm" in IE

Added by Marco Huber over 9 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2014-08-11
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

Our beloved InternetExplorer has a problem with javascript:false as Ext.SSL_SECURE_URL.

When you open the backend, than there is a hidden iFrame (typo3-navigationIframe) with an empty src attribute and the IE uses javascript:false as src (default for Ext.SSL_SECURE_URL [1]).
When you open the backend via https, the IE wants to show res://ieframe.dll/dnserrordiagoff.htm because javascript:false is not a valid url. But this is detected as an unsecure resource. So you see this warning in the developer tools: "SEC7111: HTTPS security is compromised by res://ieframe.dll/dnserrordiagoff.htm"

Setting the URL to the clear.gif as Ext.SSL_SECURE_URL in typo3/sysext/core/Classes/Page/PageRenderer.php helps and doesn't create too much unnecessary traffic.

[1] http://dev.sencha.com/playpen/docs/output/Ext.html#SSL_SECURE_URL

Actions

Also available in: Atom PDF