Pop-up and secure connection

Discussion in 'Javascript' started by debedb@gmail.com, Jul 18, 2005.

  1. Guest

    Hi all,

    I have a link, <A onClick="javascript:foo()">. The
    foo() function does

    w = window.open('', fieldid+'mywindow', prop);
    w.document.open();
    d = w.document;

    And proceeds to write stuff there.

    The problem is, if I serve the original page off
    an https connection, upon the click, IE
    warns that I am about to leave a secure connection,
    then, when the new window pops up, it warns that I
    am about to enter a secure connection.

    Is there a way to get rid of these warnings in this case?
    , Jul 18, 2005
    #1
    1. Advertising

  2. Randy Webb Guest

    wrote:

    > Hi all,
    >
    > I have a link, <A onClick="javascript:foo()">. The
    > foo() function does


    Only if JS is enabled.

    <URL: http://jibbering.com/faq/#FAQ4_24 >

    > w = window.open('', fieldid+'mywindow', prop);
    > w.document.open();
    > d = w.document;
    >
    > And proceeds to write stuff there.
    >
    > The problem is, if I serve the original page off
    > an https connection, upon the click, IE
    > warns that I am about to leave a secure connection,
    > then, when the new window pops up, it warns that I
    > am about to enter a secure connection.
    >
    > Is there a way to get rid of these warnings in this case?


    Stop and ask yourself why that warning is there to start with and you
    will realize that there is only one way to prevent them - stop going
    from secure to un-secure connections.


    --
    Randy
    comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    Randy Webb, Jul 18, 2005
    #2
    1. Advertising

  3. Guest

    > Only if JS is enabled.

    That's implied :).

    >URL: http://jibbering.com/faq/#FAQ4_24


    Yes, I've looked there. While I'm genuinely (no sarcasm!) happy
    to learn what really goes on here (I'm not much of a Javascript guy),
    and
    agree this is a bad use of javascript, this does not solve the problem
    (using onClick attribute results in the same behavior, of course).

    > Stop and ask yourself why that warning is there to start with and you
    > will realize that there is only one way to prevent them - stop going
    > from secure to un-secure connections.


    Ah yes, but it's not going from secure to insecure, in fact. (I know IE
    thinks it is).
    Because it pops up 2 warnings, in succession: secure->insecure, and
    then
    insecure->secure when it realizes that pop-up is also secure. That's
    the
    point.
    , Jul 19, 2005
    #3
  4. Randy Webb Guest

    said the following on 7/18/2005 7:08 PM:
    >>Only if JS is enabled.

    >
    >
    > That's implied :).
    >
    >
    >>URL: http://jibbering.com/faq/#FAQ4_24

    >
    >
    > Yes, I've looked there. While I'm genuinely (no sarcasm!) happy
    > to learn what really goes on here (I'm not much of a Javascript guy),
    > and agree this is a bad use of javascript, this does not solve the problem
    > (using onClick attribute results in the same behavior, of course).
    >
    >
    >>Stop and ask yourself why that warning is there to start with and you
    >>will realize that there is only one way to prevent them - stop going
    >>from secure to un-secure connections.

    >
    >
    > Ah yes, but it's not going from secure to insecure, in fact. (I know IE
    > thinks it is).
    > Because it pops up 2 warnings, in succession: secure->insecure, and
    > then insecure->secure when it realizes that pop-up is also secure. That's
    > the point.


    In IE, on your secure site, test this code:

    var myWindow = window.open();
    myWindow.location= 'https://.......';

    And you will see the same behavior. The reason is that IE thinks if you
    have a window open, then it must have a URL. But instead of opening the
    URL you specify, it opens about:blank and then navigates to the URL in
    the window.open call. So, it goes from secure>about:blank>secure which
    is secure>non secure>secure.

    The simplest solution is to not use a popup :) Seriously, use an IFrame,
    manipulate it's size and visibility and load your popup data in the
    IFrame, resize it, then collapse it.

    --
    Randy
    comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
    Randy Webb, Jul 19, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. A.M
    Replies:
    5
    Views:
    5,423
    Teemu Keiski
    Jun 8, 2004
  2. zdrakec
    Replies:
    1
    Views:
    430
    zdrakec
    Jul 25, 2005
  3. Joe
    Replies:
    5
    Views:
    948
    Steven Cheng[MSFT]
    Dec 13, 2005
  4. verbal kint
    Replies:
    1
    Views:
    541
    Sudsy
    Sep 4, 2004
  5. rb

    secure and non-secure pages

    rb, Dec 4, 2006, in forum: ASP .Net
    Replies:
    0
    Views:
    325
Loading...

Share This Page