473,327 Members | 2,055 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

Dynamically loading JS into iFrames - preventing IE7 popups whenleaving/entering secure connection

Hi,

I have a webpage where Im creating AJAX type requests by loading
dynamic pages containg JavaScript into hidden iFrames. The reason I am
opting for this method over XmlHttpRequest object requests is because
I wish for some of my requests to be over a secure https:// connection
and other not so private requests to be made over http:// .. using
XmlHttpRequest I am unable to make requests between two domains http/
https from the one page (which is an http page so https requests will
not work .. so I have read anyway). So, the iFrame method system
allows this but one slight issue which Im wanting to find a way
around:

When I load a page into one of my iFrames which is an https page, in
IE7 (and IE6 I presume) give me a series of alerts telling me I am
entering or leaving secure connection when Im not even leaving the
page, which is quite alarming. I get about 4 of these for just one
request. I was hoping that there is a way around this as I am worried
that, especially at a time of transition from IE6 to IE7 and security
options possibly reset, many new users to my site will get these
alerts and be concerned with the security of my site.

Does anyone have any ideas that may combat this if possible?
Jun 27 '08 #1
1 1907
VK
On May 29, 6:22 pm, bizt <bissa...@yahoo.co.ukwrote:
Hi,

I have a webpage where Im creating AJAX type requests by loading
dynamic pages containg JavaScript into hidden iFrames. The reason I am
opting for this method over XmlHttpRequest object requests is because
I wish for some of my requests to be over a secure https:// connection
and other not so private requests to be made over http:// .. using
XmlHttpRequest I am unable to make requests between two domains http/
https from the one page (which is an http page so https requests will
not work .. so I have read anyway). So, the iFrame method system
allows this but one slight issue which Im wanting to find a way
around:

When I load a page into one of my iFrames which is an https page, in
IE7 (and IE6 I presume) give me a series of alerts telling me I am
entering or leaving secure connection when Im not even leaving the
page, which is quite alarming. I get about 4 of these for just one
request. I was hoping that there is a way around this as I am worried
that, especially at a time of transition from IE6 to IE7 and security
options possibly reset, many new users to my site will get these
alerts and be concerned with the security of my site.

Does anyone have any ideas that may combat this if possible?
Warnings on leaving encrypted page for non-encrypted one, on leaving
non-encrypted for encrypted one, on loading a mixed content page with
both encrypted and non-encrypted elements: are separate browser
security settings you have no control over. Logically thinking: what
would be any security warning good for is any server could disable
it? ;-)

So in your case you only can place a text on your page like "if you
see a security warning, disregard it". Very silly and makes people
even more suspicious - so rarely used.

This is why HTTP <=HTTPS jumps based solutions are not used as non-
implementable with the desired usability. The final solution depends
on the nature of the transmitted data. If it is a really sensitive
information every time, then do the whole session under HTTPS.
HTTPS is a rather resource expensive protocol, so many solutions are
using it only on the authentication stage: thus login/password being
submitted over HTTPS and if correct then server-side redirect to HTTP
for the rest of the session.

Yours to decide what of above to use in your own case.
Jun 27 '08 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: Jeffrey Todd | last post by:
I have successfully created functionality that mostly models what I'm trying to do - which is dynamically insert controls into a user control (ascx), and insert validation controls, also...
7
by: Samuel | last post by:
Hi, I am building a page that makes use of user control as a templating technique. The following is that I have in mind and it is actually working: Root/ -- login.aspx -- login.aspx.vb --...
2
by: UJ | last post by:
Are iframes ssl compliant? I have a web page with an iframe on it and when I run it I get the infamous 'Secure and unsecure items' message. When I comment it out, it works fine. Anybody seen...
3
by: Dotnet Gruven | last post by:
I've built a WebForm with a Table added dynamically in Page_Load when IsPostBack is false. The table includes a couple of TextBoxes, RadioButtonLists and CheckboxLists. On postback, those...
2
by: boczek | last post by:
Hello all. I'm writing a small async webapp. in JavaScript and I'm using <script> element technique to load data. I'm usign <scriptbecause of cross domain restrictions with XmlRequest. The...
4
by: RobAMacAF | last post by:
I have a 3 frame window. When you type an address in the top it loads it in the middle. This works well but I need to dynamically load a small javascript function into the page that loads. I didn't...
6
by: Eraser | last post by:
hi guys.... how i would now that the iframe loading of chart fx graph is completed... i used a window.print on page load with multiple iframes on the same page.... what happen is once the print...
0
by: Twinkles | last post by:
Hello friends, I'm having an ("main.aspx")Asp.net page with 2 iframes. Second frame is by default loaded with a ("home.aspx")asp.net page. When button is clicked in...
1
by: enthusiastic | last post by:
Hi All I have a HTML page where I dynamically created 2 Iframes. The problem is, after this page is loaded & I navigate to some other page & come back using browsers back button, both of the...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.