Hi All,
I have the fckeditor running in a CMS system I built, and it uses https for the admin pages.
However, when someon clicks on a button on the toolbar that gives a dialog box (e.g., the link button), it comes up with a warning saying:
"This page contains both secure and nonsecure items.
Do you want to display the nonsecure items?"
Click yes and it works fine. Click no and it appears to blink an error page for a second, then comes up.
But of course I would like to get rid of this warning completely! How can I fix this? I have not been able to find the place where a nonsecure (e.g., http rather than https) item appears in the code.
Any help?
Sincerely,
-Josh
Wed, 03/09/2005 - 20:38
#1
RE: "both secure and nonsecure items" warning
Its likely that your CMS application is generating the http output vs https. As in Mambo's FCKeditor mambot, the php source generates the HTML script tag.
RE: "both secure and nonsecure items" warning
RE: "both secure and nonsecure items" warning
I am experiencing the same problem, I have just literally placed the editor on a web page by itself with nothing happening to it and nothing else on the page.
When going via non-secure (HTTP) it works as expected, however as soon as I switch to secure (HTTPS) it comes up with exactly the same warning message as jbeall is experiencing.
It seems like this is being caused by something in the popup code as it happend for the inbuilt dialogs and also for any plugins that are added including the Find and Replace examples.
-Rob
RE: "both secure and nonsecure items" warning
Yes, this is exactly what I am getting. Same thing with placing the editor on a page with itself, and when I switch to HTTPS I start getting those warnings on the popup dialogs.
The only thing I can think is that somewhere in the code there is a reference to something in absolute form, e.g., it fetches something via http://{domain}/{path}/{file}. That code should be replaced with something that checks to see if the client is currently connected with http or https. This is very simple in PHP if you are running Apache, but I'm not sure how do to it in JavaScript.
Any pointers? If could find the piece of JS code that is causing the problems maybe I could try and hack my way through it...
RE: "both secure and nonsecure items" warning
I would love to help fix this, but I've already gone through the code and have yet to find anything. If anyone can give me pointers I'll keep at it.
And thanks for all the work on FCKeditor, I really love it!
RE: "both secure and nonsecure items" warning
Frederico Knabben
CKEditor Project Lead and CKSource Owner
--
Follow us on: Twitter | Facebook | Google+ | LinkedIn
RE: "both secure and nonsecure items" warning
I have installed the RC3 and it works perfectly, no more security warning! According to the release notes this is cause because the IFRAME does not have a source, in the latest version it has a source of a blank page...seens like an IE bug, but anyway it works perfectly now a big thank you to the development team
Re: "both secure and nonsecure items" warning
What we are seeing is if the user gets the warning, they then get an error page in the spell checker dialog. If they cancel out of the spell checker and try again everything works without any errors. The next time they open the page with the editor, they have to go through the warning to get to the spell checker again.
I have noticed that the iframe in fck_spellerpages.html uses src="javascript:void(0)" other dialogs use either FCKTools.GetVoidUrl() or a valid filename. I don't know if this has anything to do with the problem or not. I'm still digging.
Any help would be appriciated.
Re: "both secure and nonsecure items" warning
I don't know if this is the best solution, but it seems to be working for me.
Re: "both secure and nonsecure items" warning
@ross_p, can you open a ticket for it at our dev site?
Frederico Knabben
CKEditor Project Lead and CKSource Owner
--
Follow us on: Twitter | Facebook | Google+ | LinkedIn