[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4752: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3887)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4754: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3887)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4755: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3887)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4756: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3887)
CSS3 PIE Forums - View topic - "Secure and nonsecure" Warning
Forums
View unanswered posts | View active topics It is currently Thu Jul 09, 2020 11:22 am



Reply to topic  [ 10 posts ] 
 "Secure and nonsecure" Warning 
Author Message

Joined: Thu Aug 19, 2010 1:23 pm
Posts: 3
Post "Secure and nonsecure" Warning
I'm trying to use PIE.htc on a site that's served via https. The fixes it implements work perfectly. The problem is that no matter what I've tried, IE (version 6 in this case) raises the infamous "This page contains both secure and nonsecure items" alert.

Everything on the page is served from the same server, host, and domain. With no style references to PIE.htc, there's no warning. With one or more references to PIE.htc, there are (always exactly) two security warnings. Looking at the page before dismissing the dialog, it appears that the style have been successfully applied, despite the warning.

Note that this is NOT the "Internet Explorer has restricted this web page from running scripts..." warning. The script does run. It's just the security warning that's the problem.

What I've tried:

- Referencing PIE.htc from a relative URL
- Referencing it from a root-relative URL
- Referencing it from a protocol-relative URL (e.g. "//www.example.com/js/PIE.htc")
- Referencing it from an absolute URL (e.g. "https://www.example.com/js/PIE.htc")
- Putting PIE.htc in the same directory as the page on which it's used
- Adding the "Mark of the Web" comments to both the htc file and the page from which it's served
- Ensuring that the MIME type is set correctly on the apache server from which it's delivered (it is)

None of it helps.

It's been a tricky problem to research, but I did read something (which now I can't find) indicating that the manipulations performed by scripts like this one are somehow performed in an IE security zone that is by definition not the same as the zone in which an https page is running. Details were sketchy, though.

It's hard to believe nobody's tried to use PIE.htc on a site that works over SSL, so the search for solutions goes on.

Any suggestions?


Thu Aug 19, 2010 1:40 pm
Profile

Joined: Wed Jul 14, 2010 11:46 am
Posts: 1452
Post Re: "Secure and nonsecure" Warning
Thanks for the thorough analysis, it really helps eliminate the "easy" stuff. I have to admit I've not used PIE myself over https, so I can't even verify that it does work properly. If you could help me debug a little bit:

1) You said this is in IE6; have you tried IE7 and/or IE8 to see if the problem occurs there as well?
2) Can you edit your copy of PIE.htc, find the string "url(about:blank)" and replace it with "none", and let me know if that helps? It's just a hunch.


Fri Aug 20, 2010 12:40 pm
Profile

Joined: Tue Aug 24, 2010 5:33 am
Posts: 1
Post Re: "Secure and nonsecure" Warning
I can confirm replacing url(about:blank) with url(none) works for IE6 (sp3), IE7, and IE8 when serving pages using SSL. :D


Tue Aug 24, 2010 5:35 am
Profile

Joined: Thu Aug 19, 2010 1:23 pm
Posts: 3
Post Re: "Secure and nonsecure" Warning
Jason, your suggestion did indeed solve the problem. Much obliged.


Tue Aug 24, 2010 2:25 pm
Profile

Joined: Wed Jul 14, 2010 11:46 am
Posts: 1452
Post Re: "Secure and nonsecure" Warning
Thanks for trying that. I've opened ticket http://github.com/lojjic/PIE/issues/issue/69 to track getting this fixed.


Wed Aug 25, 2010 10:17 am
Profile

Joined: Thu Aug 19, 2010 1:23 pm
Posts: 3
Post Re: "Secure and nonsecure" Warning


Tue Aug 31, 2010 3:04 pm
Profile

Joined: Wed Jul 14, 2010 11:46 am
Posts: 1452
Post Re: "Secure and nonsecure" Warning
@rumkeg: Yes, sorry if I was unclear, you should have replaced "url(about:blank)" with "none", not with "url(none)". They are very different values.


Tue Aug 31, 2010 3:27 pm
Profile

Joined: Wed Jul 27, 2011 3:28 pm
Posts: 2
Post Re: "Secure and nonsecure" Warning
Although the workaround seems to resolve the security warning, it seems to have a nasty knock on effect for us.

We use jQuery as well. With the workaround in place, whenever we try and click on a text field we're getting some bizarre jQuery errors.
The error emanates from the depths of jquery and is not very descriptive.

e.g. jquery 1.6.1

Line: 2968
Error: Failed

It's almost like the DOM element has become invalid?
Not at all clear what is going on.

Any ideas?
Thanks
Martin


Wed Jul 27, 2011 3:51 pm
Profile

Joined: Wed Jul 27, 2011 3:28 pm
Posts: 2
Post Re: "Secure and nonsecure" Warning
I couldn't resolve why the workaround to replace url(about:blank) with 'none', is causing jQuery issues. As an alternative workaround, I've replaced the call to about:blank with a call to a url on our server which just returns empty content with a long expiry. This seems to resolve the issue.


Thu Jul 28, 2011 10:17 am
Profile

Joined: Tue Jan 31, 2012 1:22 pm
Posts: 1
Post Re: "Secure and nonsecure" Warning
Oldish thread I know...

I've just tripped over this same problem using IE6, https and CSS3 PIE (in Opencart). Just to note that IE7/8/9 are unaffected.

Thanks to the posters above for the fix. I've replaced url(about:blank) with none as described and this has fixed the problem. I've taken the additional precaution of creating a separate version of PIE.htc which I'm serving to IE6 via conditional comments and a separate stylesheet, just to avoid any issues resulting from this affecting IE7+ users. I'm also using jQuery but haven't seen any issues as mbayly describes.

There seems to have been no updates to the bug report, I'm guessing this might not happen given the fact that IE6 is nearly defunct.


Tue Jan 31, 2012 1:27 pm
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 10 posts ] 

Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by STSoftware for PTF.