Loading ...
Sorry, an error occurred while loading the content.
 

Bug in iframe shim code in 0.12.0 container.js?

Expand Messages
  • Arun Nair
    After I upgraded YUI from 0.11.4 to 0.12.0, I started getting the dreaded This page contains both secure and nonsecure items warning from IE when launching
    Message 1 of 5 , Nov 22, 2006
      After I upgraded YUI from 0.11.4 to 0.12.0, I started getting the dreaded "This page contains both secure and nonsecure items" warning from IE when launching my app via HTTPS.

      I narrowed its source down to a place where I was creating a YAHOO.widget.Overlay, and then tracked the bug down to this change in container.js:
      1154c1239
      < YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";
      ---
      > YAHOO.widget.Overlay.IFRAME_SRC = "javascript:false;"


      The bug is very easy to reproduce - just the following 3 lines will do the trick:
      ov = new YAHOO.widget.Overlay( "overlay" );
      ov.render( document.body );
      ov.show();


      I was able to fix it by making this change:
      1787c1787
      < this.iframe.src = this.imageRoot + YAHOO.widget.Overlay.IFRAME_SRC;
      ---
      > this.iframe.src = YAHOO.widget.Overlay.IFRAME_SRC;

      As a workaround, setting the value of IFRAME_SRC in my code to what it was in 0.11.4 also does the trick:
      YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";

      Hope this helps.

      - Arun

    • Steven Peterson
      Arun, If you could file this as a bug on SourceForge, that would be great. The issue is that the server source is being appended to the IFRAME_SRC when it
      Message 2 of 5 , Nov 22, 2006

        Arun,

         

        If you could file this as a bug on SourceForge, that would be great. The issue is that the server source is being appended to the IFRAME_SRC when it should not be. The change that you made was definitely the correct one, and one that will be incorporated in the next release of Container. Thanks for reporting this issue!

         

        Steven Peterson

        Web Developer, Platform Engineering

        Yahoo!

         

        From: ydn-javascript@yahoogroups.com [mailto:ydn-javascript@yahoogroups.com] On Behalf Of Arun Nair
        Sent: Wednesday, November 22, 2006 1:04 AM
        To: ydn-javascript@yahoogroups.com
        Subject: [ydn-javascript] Bug in iframe shim code in 0.12.0 container.js?

         

        After I upgraded YUI from 0.11.4 to 0.12.0, I started getting the dreaded "This page contains both secure and nonsecure items" warning from IE when launching my app via HTTPS.

        I narrowed its source down to a place where I was creating a YAHOO.widget.Overlay, and then tracked the bug down to this change in container.js:
        1154c1239
        < YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";
        ---

        > YAHOO.widget.Overlay.IFRAME_SRC = "javascript:false;"

        The bug is very easy to reproduce - just the following 3 lines will do the trick:
        ov = new YAHOO.widget.Overlay( "overlay" );
        ov.render( document.body );
        ov.show();


        I was able to fix it by making this change:
        1787c1787
        < this.iframe.src = this.imageRoot + YAHOO.widget.Overlay.IFRAME_SRC;
        ---
        > this.iframe.! src = YAHOO.widget.Overlay.IFRAME_SRC;

        As a workaround, setting the value of IFRAME_SRC in my code to what it was in 0.11.4 also does the trick:
        YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";

        Hope this helps.

        - Arun

      • Arun Nair
        Done - bug id is 1601428. I just wanted to make sure that this isn t something stupid that I was doing before filing a bug. Thanks for confirming the problem.
        Message 3 of 5 , Nov 22, 2006
          Done - bug id is 1601428.

          I just wanted to make sure that this isn't something stupid that I was
          doing before filing a bug. Thanks for confirming the problem.

          Arun

          --- In ydn-javascript@yahoogroups.com, "Steven Peterson"
          <peterson@...> wrote:
          >
          > Arun,
          >
          >
          >
          > If you could file this as a bug on SourceForge, that would be great. The
          > issue is that the server source is being appended to the IFRAME_SRC
          when it
          > should not be. The change that you made was definitely the correct
          one, and
          > one that will be incorporated in the next release of Container.
          Thanks for
          > reporting this issue!
          >
          >
          >
          > Steven Peterson
          >
          > Web Developer, Platform Engineering
          >
          > Yahoo!
          >
          >
          >
          > From: ydn-javascript@yahoogroups.com
          [mailto:ydn-javascript@yahoogroups.com]
          > On Behalf Of Arun Nair
          > Sent: Wednesday, November 22, 2006 1:04 AM
          > To: ydn-javascript@yahoogroups.com
          > Subject: [ydn-javascript] Bug in iframe shim code in 0.12.0
          container.js?
          >
          >
          >
          > After I upgraded YUI from 0.11.4 to 0.12.0, I started getting the
          dreaded
          > "This page contains both secure and nonsecure items" warning from IE
          when
          > launching my app via HTTPS.
          >
          > I narrowed its source down to a place where I was creating a
          > YAHOO.widget.Overlay, and then tracked the bug down to this change in
          > container.js:
          > 1154c1239
          > < YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";
          > ---
          > > YAHOO.widget.Overlay.IFRAME_SRC = "javascript:false;"
          >
          > The bug is very easy to reproduce - just the following 3 lines will
          do the
          > trick:
          > ov = new YAHOO.widget.Overlay( "overlay" );
          > ov.render( document.body );
          > ov.show();
          >
          > I was able to fix it by making this change:
          > 1787c1787
          > < this.iframe.src = this.imageRoot + YAHOO.widget.Overlay.IFRAME_SRC;
          > ---
          > > this.iframe.! src = YAHOO.widget.Overlay.IFRAME_SRC;
          >
          > As a workaround, setting the value of IFRAME_SRC in my code to what
          it was
          > in 0.11.4 also does the trick:
          > YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";
          >
          > Hope this helps.
          >
          > - Arun
          >
        • raja_nimish
          ... warning ... in ... will do ... YAHOO.widget.Overlay.IFRAME_SRC; ... what it ... what are pro...
          Message 4 of 5 , Dec 18, 2006
            --- In ydn-javascript@yahoogroups.com, "Arun Nair"
            <twelvefortyfive@...> wrote:
            >
            > After I upgraded YUI from 0.11.4 to 0.12.0, I started getting the
            > dreaded "This page contains both secure and nonsecure items"
            warning
            > from IE when launching my app via HTTPS.
            >
            > I narrowed its source down to a place where I was creating a
            > YAHOO.widget.Overlay, and then tracked the bug down to this change
            in
            > container.js:
            > 1154c1239
            > < YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";
            > ---
            > > YAHOO.widget.Overlay.IFRAME_SRC = "javascript:false;"
            >
            > The bug is very easy to reproduce - just the following 3 lines
            will do
            > the trick:
            > ov = new YAHOO.widget.Overlay( "overlay" );
            > ov.render( document.body );
            > ov.show();
            >
            > I was able to fix it by making this change:
            > 1787c1787
            > < this.iframe.src = this.imageRoot +
            YAHOO.widget.Overlay.IFRAME_SRC;
            > ---
            > > this.iframe.src = YAHOO.widget.Overlay.IFRAME_SRC;
            >
            > As a workaround, setting the value of IFRAME_SRC in my code to
            what it
            > was in 0.11.4 also does the trick:
            > YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";
            >
            > Hope this helps.
            >
            > - Arun
            >
            what are pro...
          • cynthia_delaria
            I am still getting this problem. I have updated the line referenced below, and have searched for other posts related to this. I am using IE6 w/ version 0.12.0
            Message 5 of 5 , May 2, 2007
              I am still getting this problem. I have updated the line referenced
              below, and have searched for other posts related to this.

              I am using IE6 w/ version 0.12.0 of the YUI library, and have narrowed
              this down to creating tooltips, as that is the only reason I am
              including the container.js. The following line is how I am creating
              the tooltip:

              this.ttArray[index] = new YAHOO.widget.Tooltip(index, cfgObj);

              where index is the name of the tooltip and cfgObj is the text,
              context, etc.

              Any other suggestions about what is happening here?

              Thanks,

              Cynthia



              --- In ydn-javascript@yahoogroups.com, "Arun Nair"
              <twelvefortyfive@...> wrote:
              >
              > Done - bug id is 1601428.
              >
              > I just wanted to make sure that this isn't something stupid that I was
              > doing before filing a bug. Thanks for confirming the problem.
              >
              > Arun
              >
              > --- In ydn-javascript@yahoogroups.com, "Steven Peterson"
              > <peterson@> wrote:
              > >
              > > Arun,
              > >
              > >
              > >
              > > If you could file this as a bug on SourceForge, that would be
              great. The
              > > issue is that the server source is being appended to the IFRAME_SRC
              > when it
              > > should not be. The change that you made was definitely the correct
              > one, and
              > > one that will be incorporated in the next release of Container.
              > Thanks for
              > > reporting this issue!
              > >
              > >
              > >
              > > Steven Peterson
              > >
              > > Web Developer, Platform Engineering
              > >
              > > Yahoo!
              > >
              > >
              > >
              > > From: ydn-javascript@yahoogroups.com
              > [mailto:ydn-javascript@yahoogroups.com]
              > > On Behalf Of Arun Nair
              > > Sent: Wednesday, November 22, 2006 1:04 AM
              > > To: ydn-javascript@yahoogroups.com
              > > Subject: [ydn-javascript] Bug in iframe shim code in 0.12.0
              > container.js?
              > >
              > >
              > >
              > > After I upgraded YUI from 0.11.4 to 0.12.0, I started getting the
              > dreaded
              > > "This page contains both secure and nonsecure items" warning from IE
              > when
              > > launching my app via HTTPS.
              > >
              > > I narrowed its source down to a place where I was creating a
              > > YAHOO.widget.Overlay, and then tracked the bug down to this change in
              > > container.js:
              > > 1154c1239
              > > < YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";
              > > ---
              > > > YAHOO.widget.Overlay.IFRAME_SRC = "javascript:false;"
              > >
              > > The bug is very easy to reproduce - just the following 3 lines will
              > do the
              > > trick:
              > > ov = new YAHOO.widget.Overlay( "overlay" );
              > > ov.render( document.body );
              > > ov.show();
              > >
              > > I was able to fix it by making this change:
              > > 1787c1787
              > > < this.iframe.src = this.imageRoot + YAHOO.widget.Overlay.IFRAME_SRC;
              > > ---
              > > > this.iframe.! src = YAHOO.widget.Overlay.IFRAME_SRC;
              > >
              > > As a workaround, setting the value of IFRAME_SRC in my code to what
              > it was
              > > in 0.11.4 also does the trick:
              > > YAHOO.widget.Overlay.IFRAME_SRC = "promo/m/irs/blank.gif";
              > >
              > > Hope this helps.
              > >
              > > - Arun
              > >
              >
            Your message has been successfully submitted and would be delivered to recipients shortly.