473,398 Members | 2,812 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > xml transform over https

Join Bytes to post your question to a community of 473,398 software developers and data experts.

xml transform over https

My team is using the FO library to generate PDFs.

We are also required to use https.

The XSL transform page fed into javax.xml.transform.Transformer starts
with

<?xml version="1.0"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:fo ="http://www.w3.org/1999/XSL/Format">

---

Now, when displaying the PDF, Internet Explorer is popping an alert
saying "This page contains both secure and nonsecure items. Do you
want to display the nonsecure items?"

And no particular preferences in IE take this away. ENABLE MIXED
CONTENT and WARN IF CHANGING ... are both set correctly, yet we still
get the popup. I can only think that this xsl file is causing us
trouble.

Now, before looking at this problem - I believed that namespace uri
strings were simply that, unique identifiers. Not necessarily valid
internet URLs. Since transorms work without a connection to the
internet, it seems to make sense. Yet, as soon as I put
https:///www.w3.org/1999/XSL/Transform into this header, I get the
infamous "javax.xml.transform.TransformerException: stylesheet
requires attribute: version".

Can someone explain to me why the URI needs to be exactly
http://www.w3.org/1999/XSL/Transform and is there any way around this?
I'd like to get everything within the https environment, to use https
- as I'd like to get rid of that popup.

Thanks,

-LutherB
Jul 20 '05 #1
4 5262
Luther Baker wrote:
...
Can someone explain to me why the URI needs to be exactly
http://www.w3.org/1999/XSL/Transform and is there any way around this?
...


Because, as you said, it's just a string. But it's also an *identifier*
-- if it doesn't match character by character, the XSLT engine will not
recognize the language.

I'd say this is a browser bug -- namespace URIs should be irrelevant for
security considerations (unless of course something really accesses them).

Julian
Jul 20 '05 #2
Luther Baker wrote:
My team is using the FO library to generate PDFs.

We are also required to use https.

The XSL transform page fed into javax.xml.transform.Transformer starts
with

<?xml version="1.0"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:fo ="http://www.w3.org/1999/XSL/Format">

---

Now, when displaying the PDF, Internet Explorer is popping an alert
saying "This page contains both secure and nonsecure items. Do you
want to display the nonsecure items?"

...


Speaking of which -- if the transformation happens server-side, why
would the exact syntax of the XSLT ever affect the generated PDF data
stream? I guess there's something else wrong with the content you're
sending.
Jul 20 '05 #3


Luther Baker wrote:
My team is using the FO library to generate PDFs.

We are also required to use https.

The XSL transform page fed into javax.xml.transform.Transformer starts
with

<?xml version="1.0"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:fo ="http://www.w3.org/1999/XSL/Format">

---

Now, when displaying the PDF, Internet Explorer is popping an alert
saying "This page contains both secure and nonsecure items. Do you
want to display the nonsecure items?"

And no particular preferences in IE take this away. ENABLE MIXED
CONTENT and WARN IF CHANGING ... are both set correctly, yet we still
get the popup. I can only think that this xsl file is causing us
trouble.

Now, before looking at this problem - I believed that namespace uri
strings were simply that, unique identifiers. Not necessarily valid
internet URLs. Since transorms work without a connection to the
internet, it seems to make sense. Yet, as soon as I put
https:///www.w3.org/1999/XSL/Transform into this header, I get the
infamous "javax.xml.transform.TransformerException: stylesheet
requires attribute: version".

Can someone explain to me why the URI needs to be exactly
http://www.w3.org/1999/XSL/Transform and is there any way around this?
I'd like to get everything within the https environment, to use https
- as I'd like to get rid of that popup.


I am pretty sure the warning IE gives has nothing to do with the
namespace URIs. Your XSLT transformation is done on the server isn't it?
So IE doesn't even see the XSL stylesheet.
I don't know what kind of page you generate but maybe you have an
<iframe> in there pointing to a non https URL. That is when IE usually
gives the warning.
If you post a URL maybe we can find out what causes the warning but I
don't think the whole problem is related to XML thus asking in an IE
group might be a better way.

--

Martin Honnen
http://JavaScript.FAQTs.com/

Jul 20 '05 #4
Martin Honnen <ma*******@yahoo.de> wrote in message news:<3f********@olaf.komtel.net>...
Luther Baker wrote:
My team is using the FO library to generate PDFs.

We are also required to use https.

The XSL transform page fed into javax.xml.transform.Transformer starts
with

<?xml version="1.0"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:fo ="http://www.w3.org/1999/XSL/Format">

---

Now, when displaying the PDF, Internet Explorer is popping an alert
saying "This page contains both secure and nonsecure items. Do you
want to display the nonsecure items?"

And no particular preferences in IE take this away. ENABLE MIXED
CONTENT and WARN IF CHANGING ... are both set correctly, yet we still
get the popup. I can only think that this xsl file is causing us
trouble.

Now, before looking at this problem - I believed that namespace uri
strings were simply that, unique identifiers. Not necessarily valid
internet URLs. Since transorms work without a connection to the
internet, it seems to make sense. Yet, as soon as I put
https:///www.w3.org/1999/XSL/Transform into this header, I get the
infamous "javax.xml.transform.TransformerException: stylesheet
requires attribute: version".

Can someone explain to me why the URI needs to be exactly
http://www.w3.org/1999/XSL/Transform and is there any way around this?
I'd like to get everything within the https environment, to use https
- as I'd like to get rid of that popup.


I am pretty sure the warning IE gives has nothing to do with the
namespace URIs. Your XSLT transformation is done on the server isn't it?
So IE doesn't even see the XSL stylesheet.
I don't know what kind of page you generate but maybe you have an
<iframe> in there pointing to a non https URL. That is when IE usually
gives the warning.
If you post a URL maybe we can find out what causes the warning but I
don't think the whole problem is related to XML thus asking in an IE
group might be a better way.


There is no iframe, we just post to a servlet, feed the XSL info the
FO engine, and then return the PDF contents to the browser. The
browser prompts the user, and on saying OK, the PDF is downloaded and
ADOBE opens.

I agree with you, its probably got nothing to do with the XSLT, but
I'm not sure why IE feels the content is mixed.

I will try and IE newsgroup.

Thanks,

-LutherB
Jul 20 '05 #5
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
HTTPS problem
by: kiran | last post by:
Hi, I hosted a PHP project on my web server(IIS) and I am accessing the ip addres through my office public address like this: (example) https://61.95.204.43:8887/phptest/test.php ...
PHP
2
redirect if https is set
by: Craig Keightley | last post by:
i have the following script on my checkout page to check if https is set in the address bar: if ($_SERVER != "on") { $url = $_SERVER; $query = $_SERVER; $path = $_SERVER; header("Location:...
PHP
16
https proxy
by: Paul Sweeney | last post by:
Does anyone know of a working (python) https proxy which allows viewing of unencrypted data being sent from my browser to an https site? I've worked my way through most on the list at...
Python
2
XSL Transform Problem using Xml.XSL.Transform
by: John Lehmann | last post by:
I have an interesting problem. I am performing an XSL transform using the System.Xml.Xsl.Transform class. I have a database that contains the XSL style sheet string. And it seems to work pretty...
.NET Framework
12
Sessions across http/https
by: Grunff | last post by:
I'm experiencing an interesting problem with carrying a php session over from http to https. Much googling later, I'm still stuck. The application is an online shop, where some user data is...
PHP
14
Authentication, https and security.
by: Peter Chant | last post by:
I'm currently authenticating a site I have built using basic http authentication built into apache. This has zero overhead on php which is a bonus but it seems to not quite work how I'd like. ...
PHP
4
webReference.SetURL method with https connections
by: Jason P | last post by:
Basically we have a web method with a dynamic URL. The client is developed in C++ and I've been using the webReference.SetUrl( "http://test.example.com..." ) method successfully with various web...
.NET Framework
14
how to configure web from HTTP to HTTPS
by: david | last post by:
I have developed web forms including login by using ASP.NET via HTTP. Now I want to secure the connection from client to the server via HTTPS. How can I configure the server or something else to...
ASP.NET
2
add web reference problem with HTTPS
by: scott mcfadden | last post by:
Using VS 2003, I can not add a web reference to our production server's ..asmx URL using HTTPS. I will put in a URL like: https://mycompany.com/myapp/myservice.asmx VStudio will display the...
.NET Framework
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!