Fabio Videira
Top achievements
Rank 2
Rank 2
Fabio Videira
asked on 13 Feb 2009, 08:38 PM
I have a website that uses SSL for its login page. Everything is fine with IE7, FireFox and Chrome, however, during tests with IE8, I am getting the warning about some of the objects not being secured.
After troubleshooting the issue, I have noticed the problem comes up with these resources, which are requested via HTTP and not HTTPS:
ScriptResource.axd
Telerik.Web.UI.WebResource.axd
Here is the sequence of events:
http://ezactions.com:443
http://ezactions.com/ScriptResource.axd?d=6_rC-k1d89McuRoHt2U4ocZqJKsdtuBrCOxyh8MtxrYkmSEppV0VnRS3cc1JG-R5-9uPQp35ZwjOxGsXU3rzpA2&t=633370451355781250
http://ezactions.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl00_RadScriptManager1_HiddenField&_TSM_CombinedScripts_=;;Telerik.Web.UI,+Version=2008.1.619.20,+Culture=neutral,+PublicKeyToken=121fae78165ba3d4:en-US:16ee7c61-0c72-4885-ba3b-3c21a3307fa9:393f5085:34f9d57d;System.Web.Extensions,+Version=1.0.61025.0,+Culture=neutral,+PublicKeyToken=31bf3856ad364e35:en-US:1f0f78f9-0731-4ae9-b308-56936732ccb8:e481177b;Telerik.Web.UI,+Version=2008.1.619.20,+Culture=neutral,+PublicKeyToken=121fae78165ba3d4:en-US:16ee7c61-0c72-4885-ba3b-3c21a3307fa9:5edc7ae2
http://ezactions.com:443
http://ezactions.com:443
Does anyone have any idea how to fix this issue?
The live URL for testing is https://www.ezactions.com/login.aspx.
Thanks!
Fabio Videira.
2 Answers, 1 is accepted
0
Hello Fabio,
I see that you are using RadFormDecorator and RadScriptManager. Have you isolated which control gives you this warning? Try removing the decorator first and then replacing the RadScriptManager with a standard asp:scriptmanager control and see how your app will behave.
I also tried to reproduce the same problem here, e.g. browsed a project with RadFormDecorator and RadScriptManager on the page in IE8 RC / https mode, but I was not able to reproduce the problem locally. If you still get this warning, it will be best to send us a small sample project that reproduces the setup and the warning message. We will check it and do our best to help.
Regards,
Georgi Tunev
the Telerik team
Instantly find answers to your questions on the new Telerik Support Portal.
Check out the tips for optimizing your support resource searches.
I see that you are using RadFormDecorator and RadScriptManager. Have you isolated which control gives you this warning? Try removing the decorator first and then replacing the RadScriptManager with a standard asp:scriptmanager control and see how your app will behave.
I also tried to reproduce the same problem here, e.g. browsed a project with RadFormDecorator and RadScriptManager on the page in IE8 RC / https mode, but I was not able to reproduce the problem locally. If you still get this warning, it will be best to send us a small sample project that reproduces the setup and the warning message. We will check it and do our best to help.
Regards,
Georgi Tunev
the Telerik team
Instantly find answers to your questions on the new Telerik Support Portal.
Check out the tips for optimizing your support resource searches.
0
Fabio Videira
Top achievements
Rank 2
Rank 2
answered on 16 Feb 2009, 04:13 PM
Thanks, Georgi!
After further troubleshooting I've found the issue:
I have some code that switches between HTTP and HTTPS as needed, to improve overall performance.
It happens that I had an exclusion for WebResource.axd, which has been working fine for over a year. However, since the last time I've updated the server with the new controls, I did not realize I would also have to add Telerik.Web.UI.WebResource.axd and ScriptResource.axd to the list of files that should be ignored by the auto-switch.
Once I've added them to the code, IE 8 stopped complaining about non-secure items.
Regards,
Fabio Videira.
Technoideas Inc.
http://www.technoideas.com