Firing OnParentNodeChanged function while viewing the page using HTTPS, causes security message in Internet explorer 9

Progress® Telerik® UI for ASP.NET AJAX Feedback Portal

Create an account Log In

Back to Feed

Request a Feature Report a Bug

Completed

Last Updated: 04 Sep 2019 14:22 by ADMIN

ADMIN

Rumen

Created on: 13 Mar 2013 09:19

Category: Editor

Type: Bug Report

Firing OnParentNodeChanged function while viewing the page using HTTPS, causes security message in Internet explorer 9

When I call OnParentNodeChanged on an Editor, while viewing the page using HTTPS, I get the following message in IE:
SEC7111: HTTPS security is compromised by (null)

3 comments

ADMIN

Rumen

Posted on: 04 Sep 2019 14:21

Hi,

I tested the scenario with the latest R2 2019 version of the control and latest IE11 (put in IE8 mode) and wasn't able to replicate it anymore.

That's why I will close the case as completed, but if you still experiencing it, please provide guidance how to replicate it. Thank you!

Regards,
Rumen
Progress Telerik

Get quickly onboarded and successful with your Telerik and/or Kendo UI products with the Virtual Classroom free technical training, available to all active customers. Learn More.

Sameer

Posted on: 02 May 2013 19:18

Another approach is to use RadEditor's ContentAreaMode='Div' and it may not be necessary to call onParentNodeChanged function.

Or you can try the following override provided to me by Telerik. The difference from the original function is that the doc.designMode = "off", which causes the security warning will not be executed in Internet Explorer when https protocol is used. You could place it at the end of the form element where the RadControls are.

<script type="text/javascript">
    Telerik.Web.UI.RadEditor.prototype._getTextIframe = function ()
    {
        if (this._textIframe && (!this._textIframe.contentWindow || (this._textIframe.contentWindow.document.body && !this._textIframe.contentWindow.document.body.firstChild)))
        {
            if (this._textIframe.parentNode) this._textIframe.parentNode.removeChild(this._textIframe);
            this._textIframe = null;
        }
 
        if (!this._textIframe)
        {
            var iframe = this._createIframe();
            if (iframe)
            {
                this._textIframe = iframe;
                var ifrstyle = this._textIframe.style;
                ifrstyle.position = "absolute";
                ifrstyle.height = "2px";
                ifrstyle.width = "2px";
                this.get_contentAreaElement().parentNode.appendChild(this._textIframe);
                var doc = this._textIframe.contentWindow.document;
                if (!$telerik.isIE || window.location.protocol != "https:")
                {
                    doc.designMode = "off";
                }
 
                var oNewDoc = doc.open("text/html", "replace");
                var sMarkup = "<html style='height:100%;'><head><title>RadEditor HTML Mode</title></head>" +
                                "<body style='overflow:hidden;margin:0px;padding:0px;height:100%'>" +
                                "<textarea style='font:normal 11px Tahoma;color: #000080;border:0px;height:100%;width:100%;resize:none;'></textarea>" +
                                "</body></html>";
 
                if (typeof (oNewDoc) == "undefined") oNewDoc = doc;
                oNewDoc.write(sMarkup);
                oNewDoc.close();
            }
        }
 
        return this._textIframe;
    }   
</script>
</form>

Sypher

Posted on: 02 May 2013 17:57

Same error in IE10 while switched to IE8 / IE8 mode. First reported to us by users in IE8.

To replicate:
* Create a new blank ASPX page
* Add blank RadEditor
* View page on HTTPS page and switch from Design to HTML mode by clicking bottom button.

Error shows up in console.

Simple page code:

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="EditorTest.aspx.cs" Inherits="...EditorTest" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title>RadEditor Test Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <telerik:RadScriptManager ID="RadScriptManager1" runat="server">
		<Scripts>
			<asp:ScriptReference Assembly="Telerik.Web.UI" Name="Telerik.Web.UI.Common.Core.js">
			</asp:ScriptReference>
			<asp:ScriptReference Assembly="Telerik.Web.UI" Name="Telerik.Web.UI.Common.jQuery.js">
			</asp:ScriptReference>
			<asp:ScriptReference Assembly="Telerik.Web.UI" Name="Telerik.Web.UI.Common.jQueryInclude.js">
			</asp:ScriptReference>
		</Scripts>
	</telerik:RadScriptManager>
    <div>
		<telerik:RadEditor runat="server" ID="RadEditor1"></telerik:RadEditor>
    </div>
    </form>
</body>
</html>

Attached Files:

EditorTest.aspx.invalid