Moodle

SSL Enabled Site gives browser error when loading HTMLAREA on IE6

Details

  • Type: Bug Bug
  • Status: Closed Closed
  • Priority: Minor Minor
  • Resolution: Fixed
  • Affects Version/s: 1.8, 1.8.1, 1.8.2, 1.8.3
  • Fix Version/s: 1.8.10, 1.9.6
  • Component/s: HTML Editor, Libraries
  • Labels:
    None
  • Environment:
    All Server Enviroments
  • Database:
    Any
  • Affected Branches:
    MOODLE_18_STABLE
  • Fixed Branches:
    MOODLE_18_STABLE, MOODLE_19_STABLE

Description

When loading a page using the HTMLAREA using IE6 on an all SSL enabled site, the default iframe source is about:blank. This produces a security warning about viewing mixed security content. The problem is that IE does not view about:blank as a secure source.

The fix is to change this file:
/lib/editor/htmlarea/lang/eng.php

Search for about:blank and point to to a blank page hosted on the moodle installation.

Attachments

  1. File
    MDL-12561.diff
    18/May/09 2:22 PM
    4 kB
    Jonathan Harker
  2. File
    MDL-12561.diff
    18/May/09 1:46 PM
    4 kB
    Jonathan Harker
  3. File
    MDL-12561.diff
    18/May/09 11:47 AM
    3 kB
    Jonathan Harker

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Brian McFarlane added a comment -

Correction, the file to edit is here:

/html/lib/editor/htmlarea/htmlarea.php

Show
Brian McFarlane added a comment - Correction, the file to edit is here: /html/lib/editor/htmlarea/htmlarea.php
Hide
Permalink
Jonathan Harker added a comment -

This issue affects 1.9 too, I am just working up a patch. I've also noticed about:blank in lib/editor/htmlarea/popups/insert_image.php and lib/editor/htmlarea/popups/insert_image_std.php as well.

Show
Jonathan Harker added a comment - This issue affects 1.9 too, I am just working up a patch. I've also noticed about:blank in lib/editor/htmlarea/popups/insert_image.php and lib/editor/htmlarea/popups/insert_image_std.php as well.
Hide
Permalink
Jonathan Harker added a comment -

Patch up the about:blank links in HTMLarea editor that cause IE6 to complain in SSL Moodle sites.

Show
Jonathan Harker added a comment - Patch up the about:blank links in HTMLarea editor that cause IE6 to complain in SSL Moodle sites.
Hide
Permalink
Jonathan Harker added a comment -

Above patch applies cleanly to today's MOODLE_18_STABLE and MOODLE_19_STABLE. HTMLArea removed in Moodle 2. Should fix IE6 complaining about HTMLArea in SSL sites.

Show
Jonathan Harker added a comment - Above patch applies cleanly to today's MOODLE_18_STABLE and MOODLE_19_STABLE. HTMLArea removed in Moodle 2. Should fix IE6 complaining about HTMLArea in SSL sites.
Hide
Permalink
Jonathan Harker added a comment -

This one includes a missed about:blank in lib/editor/htmlarea/coursefiles.php and uses wwwroot instead of libroot (oops).

Show
Jonathan Harker added a comment - This one includes a missed about:blank in lib/editor/htmlarea/coursefiles.php and uses wwwroot instead of libroot (oops).
Hide
Permalink
Jonathan Harker added a comment -

This time. (remove debug message)

Show
Jonathan Harker added a comment - This time. (remove debug message)
Hide
Permalink
Martin Dougiamas added a comment -

Looks OK to me, thanks! +1

Show
Martin Dougiamas added a comment - Looks OK to me, thanks! +1
Hide
Permalink
Martin Dougiamas added a comment -

Assigning to you, Jonathan.

Show
Martin Dougiamas added a comment - Assigning to you, Jonathan.
Hide
Permalink
Jonathan Harker added a comment -

Committed to MOODLE_18_STABLE and MOODLE_19_STABLE. Does not apply to CVSHEAD as HTMLArea has been removed.

Show
Jonathan Harker added a comment - Committed to MOODLE_18_STABLE and MOODLE_19_STABLE. Does not apply to CVSHEAD as HTMLArea has been removed.
Hide
Permalink
Jonathan Harker added a comment -

Fix committed

Show
Jonathan Harker added a comment - Fix committed

People

Vote (0)
Watch (1)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.5#665-sha1:422aead) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.