473,804 Members | 4,217 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

xml transform over https

My team is using the FO library to generate PDFs.

We are also required to use https.

The XSL transform page fed into javax.xml.trans form.Transforme r starts
with

<?xml version="1.0"?>
<xsl:styleshe et version="1.0"
xmlns:xsl="http ://www.w3.org/1999/XSL/Transform"
xmlns:fo ="http://www.w3.org/1999/XSL/Format">

---

Now, when displaying the PDF, Internet Explorer is popping an alert
saying "This page contains both secure and nonsecure items. Do you
want to display the nonsecure items?"

And no particular preferences in IE take this away. ENABLE MIXED
CONTENT and WARN IF CHANGING ... are both set correctly, yet we still
get the popup. I can only think that this xsl file is causing us
trouble.

Now, before looking at this problem - I believed that namespace uri
strings were simply that, unique identifiers. Not necessarily valid
internet URLs. Since transorms work without a connection to the
internet, it seems to make sense. Yet, as soon as I put
https:///www.w3.org/1999/XSL/Transform into this header, I get the
infamous "javax.xml.tran sform.Transform erException: stylesheet
requires attribute: version".

Can someone explain to me why the URI needs to be exactly
http://www.w3.org/1999/XSL/Transform and is there any way around this?
I'd like to get everything within the https environment, to use https
- as I'd like to get rid of that popup.

Thanks,

-LutherB
Jul 20 '05 #1
4 5284
Luther Baker wrote:
...
Can someone explain to me why the URI needs to be exactly
http://www.w3.org/1999/XSL/Transform and is there any way around this?
...


Because, as you said, it's just a string. But it's also an *identifier*
-- if it doesn't match character by character, the XSLT engine will not
recognize the language.

I'd say this is a browser bug -- namespace URIs should be irrelevant for
security considerations (unless of course something really accesses them).

Julian
Jul 20 '05 #2
Luther Baker wrote:
My team is using the FO library to generate PDFs.

We are also required to use https.

The XSL transform page fed into javax.xml.trans form.Transforme r starts
with

<?xml version="1.0"?>
<xsl:styleshe et version="1.0"
xmlns:xsl="http ://www.w3.org/1999/XSL/Transform"
xmlns:fo ="http://www.w3.org/1999/XSL/Format">

---

Now, when displaying the PDF, Internet Explorer is popping an alert
saying "This page contains both secure and nonsecure items. Do you
want to display the nonsecure items?"

...


Speaking of which -- if the transformation happens server-side, why
would the exact syntax of the XSLT ever affect the generated PDF data
stream? I guess there's something else wrong with the content you're
sending.
Jul 20 '05 #3


Luther Baker wrote:
My team is using the FO library to generate PDFs.

We are also required to use https.

The XSL transform page fed into javax.xml.trans form.Transforme r starts
with

<?xml version="1.0"?>
<xsl:styleshe et version="1.0"
xmlns:xsl="http ://www.w3.org/1999/XSL/Transform"
xmlns:fo ="http://www.w3.org/1999/XSL/Format">

---

Now, when displaying the PDF, Internet Explorer is popping an alert
saying "This page contains both secure and nonsecure items. Do you
want to display the nonsecure items?"

And no particular preferences in IE take this away. ENABLE MIXED
CONTENT and WARN IF CHANGING ... are both set correctly, yet we still
get the popup. I can only think that this xsl file is causing us
trouble.

Now, before looking at this problem - I believed that namespace uri
strings were simply that, unique identifiers. Not necessarily valid
internet URLs. Since transorms work without a connection to the
internet, it seems to make sense. Yet, as soon as I put
https:///www.w3.org/1999/XSL/Transform into this header, I get the
infamous "javax.xml.tran sform.Transform erException: stylesheet
requires attribute: version".

Can someone explain to me why the URI needs to be exactly
http://www.w3.org/1999/XSL/Transform and is there any way around this?
I'd like to get everything within the https environment, to use https
- as I'd like to get rid of that popup.


I am pretty sure the warning IE gives has nothing to do with the
namespace URIs. Your XSLT transformation is done on the server isn't it?
So IE doesn't even see the XSL stylesheet.
I don't know what kind of page you generate but maybe you have an
<iframe> in there pointing to a non https URL. That is when IE usually
gives the warning.
If you post a URL maybe we can find out what causes the warning but I
don't think the whole problem is related to XML thus asking in an IE
group might be a better way.

--

Martin Honnen
http://JavaScript.FAQTs.com/

Jul 20 '05 #4
Martin Honnen <ma*******@yaho o.de> wrote in message news:<3f******* *@olaf.komtel.n et>...
Luther Baker wrote:
My team is using the FO library to generate PDFs.

We are also required to use https.

The XSL transform page fed into javax.xml.trans form.Transforme r starts
with

<?xml version="1.0"?>
<xsl:styleshe et version="1.0"
xmlns:xsl="http ://www.w3.org/1999/XSL/Transform"
xmlns:fo ="http://www.w3.org/1999/XSL/Format">

---

Now, when displaying the PDF, Internet Explorer is popping an alert
saying "This page contains both secure and nonsecure items. Do you
want to display the nonsecure items?"

And no particular preferences in IE take this away. ENABLE MIXED
CONTENT and WARN IF CHANGING ... are both set correctly, yet we still
get the popup. I can only think that this xsl file is causing us
trouble.

Now, before looking at this problem - I believed that namespace uri
strings were simply that, unique identifiers. Not necessarily valid
internet URLs. Since transorms work without a connection to the
internet, it seems to make sense. Yet, as soon as I put
https:///www.w3.org/1999/XSL/Transform into this header, I get the
infamous "javax.xml.tran sform.Transform erException: stylesheet
requires attribute: version".

Can someone explain to me why the URI needs to be exactly
http://www.w3.org/1999/XSL/Transform and is there any way around this?
I'd like to get everything within the https environment, to use https
- as I'd like to get rid of that popup.


I am pretty sure the warning IE gives has nothing to do with the
namespace URIs. Your XSLT transformation is done on the server isn't it?
So IE doesn't even see the XSL stylesheet.
I don't know what kind of page you generate but maybe you have an
<iframe> in there pointing to a non https URL. That is when IE usually
gives the warning.
If you post a URL maybe we can find out what causes the warning but I
don't think the whole problem is related to XML thus asking in an IE
group might be a better way.


There is no iframe, we just post to a servlet, feed the XSL info the
FO engine, and then return the PDF contents to the browser. The
browser prompts the user, and on saying OK, the PDF is downloaded and
ADOBE opens.

I agree with you, its probably got nothing to do with the XSLT, but
I'm not sure why IE feels the content is mixed.

I will try and IE newsgroup.

Thanks,

-LutherB
Jul 20 '05 #5

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
0
1783
HTTPS problem
by: kiran | last post by:
Hi, I hosted a PHP project on my web server(IIS) and I am accessing the ip addres through my office public address like this: (example) https://61.95.204.43:8887/phptest/test.php "https://61.95.204.43" is my company ip address and the port 8887 is any requests that are comes through the port(8887) will be redirected to my system, which is under the network ("https://61.95.204.43").
PHP
2
3286
redirect if https is set
by: Craig Keightley | last post by:
i have the following script on my checkout page to check if https is set in the address bar: if ($_SERVER != "on") { $url = $_SERVER; $query = $_SERVER; $path = $_SERVER; header("Location: https://$url$path?$query"); }
PHP
16
60621
https proxy
by: Paul Sweeney | last post by:
Does anyone know of a working (python) https proxy which allows viewing of unencrypted data being sent from my browser to an https site? I've worked my way through most on the list at http://xhaus.com/alan/python/proxies.html, but while many claim to support https, if you actually point your browser at the proxies, they work fine for http, but not for https pages. TIA
Python
2
1024
XSL Transform Problem using Xml.XSL.Transform
by: John Lehmann | last post by:
I have an interesting problem. I am performing an XSL transform using the System.Xml.Xsl.Transform class. I have a database that contains the XSL style sheet string. And it seems to work pretty well for simple transforms. But as soon as I add Xsl variables or For each loops to the XSL string in the db, it fails to transform the XML. I can see that it will transform everything until that point. ALso If I copy the XSL & XML I am trying to...
.NET Framework
12
5200
Sessions across http/https
by: Grunff | last post by:
I'm experiencing an interesting problem with carrying a php session over from http to https. Much googling later, I'm still stuck. The application is an online shop, where some user data is stored in the session. As the user proceeds to checkout, we switch over to https. This is all done on the same physical server, under the same domain (which has an SSL cert). The session ID is carried over fine - I can read the session ID from http...
PHP
14
2519
Authentication, https and security.
by: Peter Chant | last post by:
I'm currently authenticating a site I have built using basic http authentication built into apache. This has zero overhead on php which is a bonus but it seems to not quite work how I'd like. Are the username and password in the login box that comes up encrypted? When I login https://mysite.local:portnum I get the login dialog. As I am using a self signed certificate I see the dialog stating warning me about it first before the login...
PHP
4
6532
webReference.SetURL method with https connections
by: Jason P | last post by:
Basically we have a web method with a dynamic URL. The client is developed in C++ and I've been using the webReference.SetUrl( "http://test.example.com..." ) method successfully with various web method URLs. However, when we switched to using a secure connection, the call to webReference.SetUrl( "https://test.example.com..." ) no longer functions. The SetUrl() method is actually successful, but any following calls in to the web...
.NET Framework
14
3064
how to configure web from HTTP to HTTPS
by: david | last post by:
I have developed web forms including login by using ASP.NET via HTTP. Now I want to secure the connection from client to the server via HTTPS. How can I configure the server or something else to make the change? Thank you David
ASP.NET
2
5330
add web reference problem with HTTPS
by: scott mcfadden | last post by:
Using VS 2003, I can not add a web reference to our production server's ..asmx URL using HTTPS. I will put in a URL like: https://mycompany.com/myapp/myservice.asmx VStudio will display the web methods from that URL and when I click on OK to download/build the dynamic web proxy code, I get the following error: Unable to download files from http://mycompany.com/myapp/myservice.asmx
.NET Framework
0
9707
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
10338
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
0
10082
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
9161
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
0
5525
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
0
5658
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
1
4301
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3823
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP
3
2997
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us