views:

19

answers:

0

Hi there everyone,

I've got a problem with a web application, a rich internet application in fact, in which every component resides on a secure https connection. Common content are: html files, images, js files and the like, all are on and retrieved from https connections.

A single part of the application (when a tab action gets executed and does an XMLHTTPRequest/AJAX call) shows this warning in IE 6+, we didn't test IE7 but we suppose it would display the same (can't post image):

"Do you want to view only the webpage content that was delivered securely? ... This webpage contains content that will not be delivered using a secure HTTPS connection which could compromise the security of the entire webpage."

Now the problem is that even the XMLHttpRequest goes on HTTPS and the Adobe Flash graphics too... so I'm at a loss to which part of the call is having a problem, I just supposed it is a known bug of Prototype.

Last info: the HTTPS certificate is invalid on the test servers but this isn't an issue with other XMLHttpRequest calls.

EDIT

After some tinkering we managed to remove the message, it was a loaded image, this arised the question wether is this a known javascript bug or a prototype bug:

//ERROR CODE:
var myItem = '<div style="background-image:url(img/pl.jpg)">SOMETHING</div>';

$('element').innerHTML = myItem;

This pops up the error code in IE.

//CORRECT
var myItem = '<div id="myId">SOMETHING</div>';

$('element').innerHTML = myItem; 
$('myId').style.backgroundImage = 'url(img/pl.jpg)';

This works.

Any ideas?