Pop-up and secure connection

[debedb]

Hi all,

I have a link, <A onClick="javascript:foo()">. The
foo() function does

w = window.open('', fieldid+'mywindow', prop);
w.document.open();
d = w.document;

And proceeds to write stuff there.

The problem is, if I serve the original page off
an https connection, upon the click, IE
warns that I am about to leave a secure connection,
then, when the new window pops up, it warns that I
am about to enter a secure connection.

Is there a way to get rid of these warnings in this case?

 

[Randy Webb]

Hi all,

I have a link, <A onClick="javascript:foo()">. The
foo() function does

Only if JS is enabled.

w = window.open('', fieldid+'mywindow', prop);
w.document.open();
d = w.document;

And proceeds to write stuff there.

The problem is, if I serve the original page off
an https connection, upon the click, IE
warns that I am about to leave a secure connection,
then, when the new window pops up, it warns that I
am about to enter a secure connection.

Is there a way to get rid of these warnings in this case?

Stop and ask yourself why that warning is there to start with and you
will realize that there is only one way to prevent them - stop going
from secure to un-secure connections.

 

[debedb]

Only if JS is enabled.

That's implied .

URL: http://jibbering.com/faq/#FAQ4_24

Yes, I've looked there. While I'm genuinely (no sarcasm!) happy
to learn what really goes on here (I'm not much of a Javascript guy),
and
agree this is a bad use of javascript, this does not solve the problem
(using onClick attribute results in the same behavior, of course).

Stop and ask yourself why that warning is there to start with and you
will realize that there is only one way to prevent them - stop going
from secure to un-secure connections.

Ah yes, but it's not going from secure to insecure, in fact. (I know IE
thinks it is).
Because it pops up 2 warnings, in succession: secure->insecure, and
then
insecure->secure when it realizes that pop-up is also secure. That's
the
point.

 

[Randy Webb]

(e-mail address removed) said the following on 7/18/2005 7:08 PM:

That's implied .




Yes, I've looked there. While I'm genuinely (no sarcasm!) happy
to learn what really goes on here (I'm not much of a Javascript guy),
and agree this is a bad use of javascript, this does not solve the problem
(using onClick attribute results in the same behavior, of course).




Ah yes, but it's not going from secure to insecure, in fact. (I know IE
thinks it is).
Because it pops up 2 warnings, in succession: secure->insecure, and
then insecure->secure when it realizes that pop-up is also secure. That's
the point.

In IE, on your secure site, test this code:

var myWindow = window.open();
myWindow.location= 'https://.......';

And you will see the same behavior. The reason is that IE thinks if you
have a window open, then it must have a URL. But instead of opening the
URL you specify, it opens about:blank and then navigates to the URL in
the window.open call. So, it goes from secure>about:blank>secure which
is secure>non secure>secure.

The simplest solution is to not use a popup Seriously, use an IFrame,
manipulate it's size and visibility and load your popup data in the
IFrame, resize it, then collapse it.