Bug Tracker

Opened 12 years ago

Closed 12 years ago

Last modified 11 years ago

#8927 closed bug (invalid)

.load() causes security warning in IE7/8 when loading only a fragment from target page

Reported by: jon_brockman Owned by: jon_brockman
Priority: low Milestone: 1.next
Component: ajax Version: 1.5.2
Keywords: Cc:
Blocked by: Blocking:

Description

jquery 1.5.2 Windows XP


This affects only IE7 and IE8. Other browsers tested such as FF 4, Chrome 12 (dev), IE9 (on Windows 7) were unaffected.


If there are two pages, Foo.html and Bar.html, both on the same domain and both using https, the .load() function operates correctly and without any mixed content warning if loading the entirety of Bar into Foo.
However, if a fragment of the target page is being loaded, a mixed security warning is generated.

URls for reference:
https://www.mydomain.com/staging/Foo.html

https://www.mydomain.com/production/Bar.html

Example (in Foo.html) $('#content').load('https://www.mydomain.com/production/Bar.html');

However, if loading a fragment from Bar.html, IE7 and IE8 throw the mixed security warning.

Example (in Foo.html) $('#content').load('https://www.mydomain.com/staging/Bar.html #fragmentToLoad');

Unfortunately I cannot provide a working example as the two resources are not publicly available.

Change History (4)

comment:1 Changed 12 years ago by jon_brockman

apologies, both load() calls should be to the same production URL.

comment:2 Changed 12 years ago by timmywil

Component: unfiledajax
Owner: set to jon_brockman
Priority: undecidedlow
Status: newpending

Thanks for taking the time to contribute to the jQuery project! Please provide a reduced test case that reproduces the issue experienced to help us assess your ticket.

comment:3 Changed 12 years ago by trac-o-bot

Resolution: invalid
Status: pendingclosed

Because we get so many tickets, we often need to return them to the initial reporter for more information. If that person does not reply within 14 days, the ticket will automatically be closed, and that has happened in this case. If you still are interested in pursuing this issue, feel free to add a comment with the requested information and we will be happy to reopen the ticket if it is still valid. Thanks!

comment:4 Changed 11 years ago by [email protected]

Hi,

I have exactly the same problem.

Here's the URL of a website we have that has the same problem discussed above: https://www.agep.ulaval.ca

Note: See TracTickets for help on using tickets.