[BUGFIX] Set Ext.SSL_SECURE_URL to prevent https issues in IE 28/35428/2
authorMarco Huber <mail@marco-huber.de>
Mon, 11 Aug 2014 11:17:25 +0000 (13:17 +0200)
committerWouter Wolters <typo3@wouterwolters.nl>
Sun, 14 Dec 2014 16:38:47 +0000 (17:38 +0100)
Ext.SSL_SECURE_URL is javascript:false by default. But this throws the error
"SEC7111: HTTPS security is compromised by res://ieframe.dll/dnserrordiagoff.htm"
in IE. To prevent this we can use the clear.gif URL which is a valid
URL and doesn't create too much traffic

Resolves: #60886
Releases: master, 6.2
Change-Id: I618815318aab3f39aaca54e92ebec4f3d79827c4
Reviewed-on: http://review.typo3.org/35428
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
typo3/sysext/core/Classes/Page/PageRenderer.php

index 41bd180..25ecb6c 100644 (file)
@@ -2251,7 +2251,8 @@ class PageRenderer implements \TYPO3\CMS\Core\SingletonInterface {
                        }
                        $out .= $this->inlineJavascriptWrap[0] . '
                                Ext.ns("TYPO3");
-                               Ext.BLANK_IMAGE_URL = "' . htmlspecialchars(GeneralUtility::locationHeaderUrl(($this->backPath . 'gfx/clear.gif'))) . '";' . LF
+                               Ext.BLANK_IMAGE_URL = "' . htmlspecialchars(GeneralUtility::locationHeaderUrl(($this->backPath . 'gfx/clear.gif'))) . '";
+                               Ext.SSL_SECURE_URL = "' . htmlspecialchars(GeneralUtility::locationHeaderUrl(($this->backPath . 'gfx/clear.gif'))) . '";' . LF
                                . $inlineSettings
                                . 'Ext.onReady(function() {'
                                        . ($this->enableExtJSQuickTips ? 'Ext.QuickTips.init();' . LF : '')