We now set the src of NamedFrames to to "javascript:''" to prevent mixed content warnings in IE6. In addition, NamedFrame passes the named iframe into the super constructor instead of replacing the element.
Patch by: jlabanca
Review by: ecc
Issue: 2318
git-svn-id: https://google-web-toolkit.googlecode.com/svn/releases/1.6@4293 8db76d5a-ed1c-0410-87a9-c151d255dfc7
diff --git a/reference/code-museum/src/com/google/gwt/museum/client/defaultmuseum/DefaultMuseum.java b/reference/code-museum/src/com/google/gwt/museum/client/defaultmuseum/DefaultMuseum.java
index d80ab61..6e4ccc6 100644
--- a/reference/code-museum/src/com/google/gwt/museum/client/defaultmuseum/DefaultMuseum.java
+++ b/reference/code-museum/src/com/google/gwt/museum/client/defaultmuseum/DefaultMuseum.java
@@ -38,6 +38,7 @@
addIssue(new Issue2261());
addIssue(new Issue2290());
addIssue(new Issue2307());
+ addIssue(new Issue2318());
addIssue(new Issue2321());
addIssue(new Issue2331());
addIssue(new Issue2338());
diff --git a/reference/code-museum/src/com/google/gwt/museum/client/defaultmuseum/Issue2318.java b/reference/code-museum/src/com/google/gwt/museum/client/defaultmuseum/Issue2318.java
new file mode 100644
index 0000000..9b6a3ff
--- /dev/null
+++ b/reference/code-museum/src/com/google/gwt/museum/client/defaultmuseum/Issue2318.java
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2008 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package com.google.gwt.museum.client.defaultmuseum;
+
+import com.google.gwt.museum.client.common.AbstractIssue;
+import com.google.gwt.user.client.ui.NamedFrame;
+import com.google.gwt.user.client.ui.Widget;
+
+/**
+ * Warning message in IE6 when using NamedFrame on SSL-secured web-site.
+ */
+public class Issue2318 extends AbstractIssue {
+ @Override
+ public Widget createIssue() {
+ return new NamedFrame("myFrame");
+ }
+
+ @Override
+ public String getInstructions() {
+ return "Open this page in IE6 on an SSL-secured server (https). Verify "
+ + "that you do not see a mixed-content warning.";
+ }
+
+ @Override
+ public String getSummary() {
+ return "Warning message in IE6 when using NamedFrame on SSL-secured site";
+ }
+
+ @Override
+ public boolean hasCSS() {
+ return false;
+ }
+}
diff --git a/user/src/com/google/gwt/user/client/ui/NamedFrame.java b/user/src/com/google/gwt/user/client/ui/NamedFrame.java
index 9efe1f7..402158a 100644
--- a/user/src/com/google/gwt/user/client/ui/NamedFrame.java
+++ b/user/src/com/google/gwt/user/client/ui/NamedFrame.java
@@ -17,6 +17,7 @@
import com.google.gwt.core.client.GWT;
import com.google.gwt.core.client.JavaScriptObject;
+import com.google.gwt.dom.client.IFrameElement;
import com.google.gwt.user.client.DOM;
import com.google.gwt.user.client.Element;
@@ -43,6 +44,30 @@
}
}
+ /**
+ * Creates an HTML IFRAME element with a src and name.
+ *
+ * @param src the src of the frame
+ * @param name the name of the frame, which must contain at least one
+ * non-whitespace character and must not contain reserved HTML markup
+ * characters such as '<code><</code>', '<code>></code>',
+ * or '<code>&</code>'
+ * @return the newly-created element
+ * @throws IllegalArgumentException if the supplied name is not allowed
+ */
+ private static IFrameElement createIFrame(String src, String name) {
+ if (name == null || !isValidName(name.trim())) {
+ throw new IllegalArgumentException(
+ "expecting one or more non-whitespace chars with no '<', '>', or '&'");
+ }
+
+ // Use innerHTML to implicitly create the <iframe>. This is necessary
+ // because most browsers will not respect a dynamically-set iframe name.
+ Element div = DOM.createDiv();
+ div.setInnerHTML("<iframe src=\"" + src + "\" name='" + name + "'>");
+ return div.getFirstChild().cast();
+ }
+
private static native void initStatics() /*-{
@com.google.gwt.user.client.ui.NamedFrame::PATTERN_NAME = /^[^<>&\'\"]+$/;
}-*/;
@@ -67,18 +92,9 @@
* @throws IllegalArgumentException if the supplied name is not allowed
*/
public NamedFrame(String name) {
- if (name == null || !isValidName(name.trim())) {
- throw new IllegalArgumentException(
- "expecting one or more non-whitespace chars with no '<', '>', or '&'");
- }
-
- // Use innerHTML to implicitly create the <iframe>. This is necessary
- // because most browsers will not respect a dynamically-set iframe name.
- Element div = DOM.createDiv();
- DOM.setInnerHTML(div, "<iframe name='" + name + "'>");
-
- Element iframe = DOM.getFirstChild(div);
- replaceElement(iframe);
+ // Setting a src prevents mixed-content warnings.
+ // http://weblogs.asp.net/bleroy/archive/2005/08/09/how-to-put-a-div-over-a-select-in-ie.aspx
+ super(createIFrame("javascript:''", name));
setStyleName(DEFAULT_STYLENAME);
}
