jQuery Fancybox and ClueTip caused the famous "Nonsecure" IE prompt
Hi Guys,
I am currently using both Fancybox and Cluetip together in my J2EE portal. Well, I am not too sure which one is the offender but the portal keep prompting the "This page contains both secure and nonsecure items" intermittently (not always) when I opened up the pop-up using Fancybox. However, the fancybox is successfully shown in the background when the prompt is shown.
I am using Fancybox 1.3.1 and Cluetip 1.0.6. By disabling the cluetip, everything works fine hence I am guessing that the Cluetip could be the issue. It ONLY happened on IE6. I wish that everyone is using FF or Opera.
Has anyone experienced this before?
Thx
David
I am currently using both Fancybox and Cluetip together in my J2EE portal. Well, I am not too sure which one is the offender but the portal keep prompting the "This page contains both secure and nonsecure items" intermittently (not always) when I opened up the pop-up using Fancybox. However, the fancybox is successfully shown in the background when the prompt is shown.
I am using Fancybox 1.3.1 and Cluetip 1.0.6. By disabling the cluetip, everything works fine hence I am guessing that the Cluetip could be the issue. It ONLY happened on IE6. I wish that everyone is using FF or Opera.
Has anyone experienced this before?
Thx
David
function constructURL(contextApp, obj, params) {
var suiteId = "";
var newHref = "";
var title = "";
var customerSite = "";
if ($(obj) != null) {
suiteId = $(obj).val();
}
if (suiteId == null || suiteId == undefined || suiteId == "undefined" || trim(suiteId).length == 0) {
suiteId = "";
}
if ($("#customerSite") != null) {
customerSite = $("#customerSite").val();
}
if (customerSite == null || customerSite == undefined || customerSite == "undefined" || trim(customerSite).length == 0) {
customerSite = "";
}
// reset
$("#" + params).attr("href", "/" + contextApp + "/ajax/AjaxAction.do");
$("#" + params).attr("rel", "/" + contextApp + "/ajax/AjaxAction.do");
$("#" + params).attr("title", "");
// get existing
newHref = $("#" + params).attr("href");
newHref += "?methodName=retrieveSuiteIdDesc&suiteId=" + encodeURIComponent(trim(suiteId)) + "&customerSite=" + encodeURIComponent(trim(customerSite));
$("#" + params).attr("href", newHref);
$("#" + params).attr("rel", newHref);
$("#" + params).attr("title", suiteId);
// tooltip
if (suiteId != null && trim(suiteId).length > 0) {
$("#" + params).cluetip({
cursor: 'pointer',
width: '160px'
});
}
else {
$("#" + params).cluetip({
cursor: 'pointer',
width: '140px',
showTitle: false
});
}
}
The famous nonsecure prompt will happen if you are serving your page over SSL, but you are also displaying content via http. If the images that you are including are in an external location that is not https then it will display that message.
I don't think the problem is fancybox and cluetip. I think the problem is the urls that you have in this section of the code.
I don't think the problem is fancybox and cluetip. I think the problem is the urls that you have in this section of the code.
ASKER
Hi SRigney,
Thanks for the reply. I have used Fiddler2 to check is there any communication on HTTP instead of HTTPS but it reported that everything went to HTTPS hence, images are not the problem here. Additionally, I have checked all the CSS, JS and etc and all of them are using relative path (I am just afraid that there are some hardcoding URL to go to HTTP).
I have also checked the iframe and all the src of the frame have been properly set to avoid this message.
Thanks
David
Thanks for the reply. I have used Fiddler2 to check is there any communication on HTTP instead of HTTPS but it reported that everything went to HTTPS hence, images are not the problem here. Additionally, I have checked all the CSS, JS and etc and all of them are using relative path (I am just afraid that there are some hardcoding URL to go to HTTP).
I have also checked the iframe and all the src of the frame have been properly set to avoid this message.
Thanks
David
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks.
I just installed YSlow and it shows that all my images are coming from HTTPS.
Any other idea?
Thanks
David
I just installed YSlow and it shows that all my images are coming from HTTPS.
Any other idea?
Thanks
David
verify that all of the javascripts and css are also coming from https.
ASKER
Hi,
Yes, they all are. Just FYI, the nonsecure message was just intermittent hence I am also very confused here :(. If I disabled the cluetip, it works fine.
Thanks
David
Yes, they all are. Just FYI, the nonsecure message was just intermittent hence I am also very confused here :(. If I disabled the cluetip, it works fine.
Thanks
David
look inside the cluetip .css file.
Cluetip has the arrows that it loads make sure that they are set to load correctly.
Cluetip has the arrows that it loads make sure that they are set to load correctly.
ASKER
Thanks friend,
Let me check this tomorrow and I really hope that this is the problem.
Thanks
David
Let me check this tomorrow and I really hope that this is the problem.
Thanks
David
ASKER
Hi SRigney,
Can I confirm that you are actually suspecting that some of the images in cluetip are not loaded properly hence causing the nonsecure error to be displayed?
If this is the case, I will try to check other images in cluetip that may have this issue. Btw, any tool that I can use to check any unloaded image?
Thanks
David
Can I confirm that you are actually suspecting that some of the images in cluetip are not loaded properly hence causing the nonsecure error to be displayed?
If this is the case, I will try to check other images in cluetip that may have this issue. Btw, any tool that I can use to check any unloaded image?
Thanks
David
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi SRigney,
>>"I'm not sure I can provide any more assistance without having access to the site."
You already helped me so much hence many thanks for that. I will try to play around with the codes and see whether I can solve this. If not, I may want to give you access to the site to hv a look.
Thanks
David
>>"I'm not sure I can provide any more assistance without having access to the site."
You already helped me so much hence many thanks for that. I will try to play around with the codes and see whether I can solve this. If not, I may want to give you access to the site to hv a look.
Thanks
David
ASKER
Hi SRigney,
Management has decided that this issue is minor issue and we will focus more to the bigger issue first.
Hence, I am going to accept ur answer on the YSlow. Well, it is not really fixing the core problem but that tools really help me in a lot of other things.
What do you think?
Thanks
David
Management has decided that this issue is minor issue and we will focus more to the bigger issue first.
Hence, I am going to accept ur answer on the YSlow. Well, it is not really fixing the core problem but that tools really help me in a lot of other things.
What do you think?
Thanks
David
ASKER
This does not directly solve the problem. Our management has decided that this is minor issue and we will look into it in the weeks to come.
However, SRigney has indirectly helped me in other problems by suggesting to use the YSlow hence I think that he deserves a full points.
Thanks again.
David
However, SRigney has indirectly helped me in other problems by suggesting to use the YSlow hence I think that he deserves a full points.
Thanks again.
David
Thank you for the points.
ASKER
In my JSP, attached are the ways on how I called it.
Thx
David
Open in new window