Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-12561

SSL Enabled Site gives browser error when loading HTMLAREA on IE6

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.8, 1.8.1, 1.8.2, 1.8.3
    • Fix Version/s: 1.8.10, 1.9.6
    • Labels:
      None
    • Environment:
      All Server Enviroments
    • Database:
      Any
    • Affected Branches:
      MOODLE_18_STABLE
    • Fixed Branches:
      MOODLE_18_STABLE, MOODLE_19_STABLE

      Description

      When loading a page using the HTMLAREA using IE6 on an all SSL enabled site, the default iframe source is about:blank. This produces a security warning about viewing mixed security content. The problem is that IE does not view about:blank as a secure source.

      The fix is to change this file:
      /lib/editor/htmlarea/lang/eng.php

      Search for about:blank and point to to a blank page hosted on the moodle installation.

        Gliffy Diagrams

          Attachments

            Activity

            Hide
            samspade21 Brian McFarlane added a comment -

            Correction, the file to edit is here:

            /html/lib/editor/htmlarea/htmlarea.php

            Show
            samspade21 Brian McFarlane added a comment - Correction, the file to edit is here: /html/lib/editor/htmlarea/htmlarea.php
            Hide
            jonathan Jonathan Harker added a comment -

            This issue affects 1.9 too, I am just working up a patch. I've also noticed about:blank in lib/editor/htmlarea/popups/insert_image.php and lib/editor/htmlarea/popups/insert_image_std.php as well.

            Show
            jonathan Jonathan Harker added a comment - This issue affects 1.9 too, I am just working up a patch. I've also noticed about:blank in lib/editor/htmlarea/popups/insert_image.php and lib/editor/htmlarea/popups/insert_image_std.php as well.
            Hide
            jonathan Jonathan Harker added a comment -

            Patch up the about:blank links in HTMLarea editor that cause IE6 to complain in SSL Moodle sites.

            Show
            jonathan Jonathan Harker added a comment - Patch up the about:blank links in HTMLarea editor that cause IE6 to complain in SSL Moodle sites.
            Hide
            jonathan Jonathan Harker added a comment -

            Above patch applies cleanly to today's MOODLE_18_STABLE and MOODLE_19_STABLE. HTMLArea removed in Moodle 2. Should fix IE6 complaining about HTMLArea in SSL sites.

            Show
            jonathan Jonathan Harker added a comment - Above patch applies cleanly to today's MOODLE_18_STABLE and MOODLE_19_STABLE. HTMLArea removed in Moodle 2. Should fix IE6 complaining about HTMLArea in SSL sites.
            Hide
            jonathan Jonathan Harker added a comment -

            This one includes a missed about:blank in lib/editor/htmlarea/coursefiles.php and uses wwwroot instead of libroot (oops).

            Show
            jonathan Jonathan Harker added a comment - This one includes a missed about:blank in lib/editor/htmlarea/coursefiles.php and uses wwwroot instead of libroot (oops).
            Hide
            jonathan Jonathan Harker added a comment -

            This time. (remove debug message)

            Show
            jonathan Jonathan Harker added a comment - This time. (remove debug message)
            Hide
            dougiamas Martin Dougiamas added a comment -

            Looks OK to me, thanks! +1

            Show
            dougiamas Martin Dougiamas added a comment - Looks OK to me, thanks! +1
            Hide
            dougiamas Martin Dougiamas added a comment -

            Assigning to you, Jonathan.

            Show
            dougiamas Martin Dougiamas added a comment - Assigning to you, Jonathan.
            Hide
            jonathan Jonathan Harker added a comment -

            Committed to MOODLE_18_STABLE and MOODLE_19_STABLE. Does not apply to CVSHEAD as HTMLArea has been removed.

            Show
            jonathan Jonathan Harker added a comment - Committed to MOODLE_18_STABLE and MOODLE_19_STABLE. Does not apply to CVSHEAD as HTMLArea has been removed.
            Hide
            jonathan Jonathan Harker added a comment -

            Fix committed

            Show
            jonathan Jonathan Harker added a comment - Fix committed

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  21/Oct/09