.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

IE8, AJAX and SSL - Solution to mixed content security warning!

Posted By:      Posted Date: September 11, 2010    Points: 0   Category :ASP.Net
 Hi everyone, I've searched this forum and the web for an answer to my problem, but haven't quite found the answer. My corporate site is using Asp .Net 3.5, AJAX and SSL to secure certain pages. The problem is that IE8 throws a message about unsecure content while IE7 and Firefox do not. I know this issue has been discussed ad nauseum (remember, I've done a lot of research), however, I have specifically isolated the issue down to adding the <scriptmanager> control on an AJAX page requiring SSL. With nothing else on the page (e.g. no images or script references), just a simple .aspx page, add <scriptmanager> and IE8 will display the message and IE7 and FF will not.  Based on my reasearch, the issue is most likely related to the scriptresource and webresource handlers, however, I don't know enough about the inner workings to do any good. Here's what I tried... Manually set the scriptpath property of scriptmanager to specify where to find the AJAX scripts. The scriptmanager uses the system.web.extensions assembly (which packages all the AJAX js), so I manually downloaded the library from ajax.asp.net site, copied the js files to a scripts directory and made reference in the scriptmanager directly.  Using Fiddler2, I could see that the references now appear to be SSL, and I know it was working because

View Complete Post

More Related Resource Links

Security: Safer Authentication with a One-Time Password Solution


One-time passwords offer solutions to dictionary attacks, phishing, interception, and lots of other security breaches. Here's how it all works.

Dan Griffin

MSDN Magazine May 2008

Suppress Content Approval Warning Message

When a list has Content Approval activated, the NewForm.aspx shows the following warning at the top of the page: Items on this list require content approval. Your submission will not appear in public views until approved by someone with proper rights. [More information on content approval.] How do I suppress this message?

How to migrate sharepoint site in 2007 with custom solution package and its content to sharepoint 20

Hi Experts, Recently, my organization is planning for SharePoint 2010 upgrade. We decide to go with Database content migration as it is less impact with down time due to hardware and software requirement (64 bit) in SharePoint 2010. We have a sub-site which contains a lot of customization such as master page, custom list, web parts and a lot of content. There is also a solution was built for that sub-site as well. However, as the time past by there quite a few update and manual creating from power users which concern to me that the solution package that we have does not up to date that can be use for SharePoint 2010 upgrade. I am planning to re-package the solution for the upgrade with all the changes users made for SharePoint 2010. But the question is how do I migrate the content of existing site when we upgrade to 2010? It is also possible that they want to change the sturction of the site when migrate eg: make this new upgrade site as top site collection instead of sub-site. Another concern is what happen after I finish making re-package the solution but during the re-package period users might make more change to the existing site? I would greatly appreciate for any ideas, suggestions as well as best methodology I should take.   Thanks praneth

Adding AJAX-enabled WCF Service to the Solution throws an error

Hi I am just trying to learn Ajax enabled WCF service, when I try to create a new web application and add new item "AJAX-enabled WCF Service" I get an error message that "The extension of type 'System.ServiceModel.Configuration.WebScriptEnablingElement, System.ServiceModel.Web, Version=, Culture=neutral, PublicKeyToken=31bf3856ad364e35' is not registered in the extension collection 'behaviorExtensions'. I had .net2.0/VS2005 and then I installed VS2008. I thought it might be an issue with Machine.config. So I am attaching my machine.config info. <?xml version="1.0" encoding="UTF-8"?>    <!--    Please refer to machine.config.comments for a description and    the default values of each configuration section.     For a full documentation of the schema please refer to    http://go.microsoft.com/fwlink/?LinkId=42127     To improve performance, machine.config should contain only those    settings that differ from their defaults.    -->    <configuration>      <configSections>    <section name="appSettings" type="System.Configuration.AppSettingsSection, System.Configuration, Version=, Culture=neutral, Publi

File Download does not continue after IE Security warning

Hello. First let me give a reference to my code which is in another post  http://forums.asp.net/t/1600899.aspx I'm running into an issue where in IE the security dialog is popping up and if I click download File the file is never downloaded..it just goes back to the main page. I'm using a web service to generate the file on disk and then setting the src of the iframe to the file..I also tried an alternate approach of setting the src of the frame to an aspx page that pretty much does the following:  Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load Dim file As String = Request.QueryString("file") Response.Clear() Response.ClearHeaders() Response.BufferOutput = False Response.ContentType = "application/zip" Response.AddHeader("content-disposition", "attachment; filename=" + file) Response.TransmitFile(file) Response.Close()     works fine in firefox but not IE...

BCS Method Security / External Content Type Permissions / Custom List Security Provider / Security T


I have an external list setup with the usual CRUD methods.  The external SQL table is also being populated by another source.  I want to enable/disable deleting depending on whether the record was created from SharePoint.  I would also like the normal list permissions to work.  So if a user has permissions to delete on the list, they can only delete items created for SharePoint. 

Where should this logic be incorporated?  On the BCS Delete method, somewhere in the External Content Type or on the list instance?  Most examples I find relate to security trimming for search.  I'm only concerned about the delete method.

I'm sure there are multiple ways to accomplish this.  Which is the best?


How to use AJAX editor with HTML content?


I have a AJAX editor and I want to put the HTML content in a database and I want to get the HTML data from the database to put in the HTML editor, in HTML mode.

So I do:

Editor1.ActiveMode = AjaxControlToolkit.HTMLEditor.ActiveModeType.Html;
        Editor1.Content = MessageLabel2;

Editor1.ActiveMode = AjaxControlToolkit.HTMLEditor.ActiveModeType.Html;

Editor1.Content = data_from_database;

But what happens is that I get the HTML data from the database in designmode in the editor, so I have HTML in designmode and HTML to HTML in HTMLmode (and that is not what I want of course).

Of course I want only HTML in HTML mode and in designmode I want the normal text.

How can you do this and is this possible?

Update div content via ajax according to tab selected. Track the url


dear experts,
I have one design question that i have stumbles on:
 -> I am using asp.net 3.5 + AJAX
 -> I have 4 tabs on my homepage and a content part. I want
    to update the content div according to which tab is selected.

AJAX TabPanel content are always visibility:hidden, display: none on all but first tab


I am trying to use the TabContainer/TabPanel controls to create 3 tabs. The tabs themselves will always appear, however, only the first tab will ever display. When I look at the source of the page, I find that the 2nd and 3rd panels have style="visibility:hidden;display:none" on them. The only time this is not true, is if the content inside the tables is text that is on the source, nothing generated.

I have tried it using controls, repeaters, adding all my tabs dynamically, setting the properties of visibility=True and enabled=true. I am kind of pulling my hair out here.

ASPX coding:

<asp:TabContainer ID="aeDetails" runat="server">
<asp:TabPanel ID="placeholder" runat ="server" HeaderText ="PlaceHolder" ><ContentTemplate >Place Holder</ContentTemplate></asp:TabPanel>

VB.NET Code:

'   Get the content for the home page.
        '   get the announcements, if any
        '   get the events, if any


Solution to controlling the Redirect URL after saving content in a Data Form View Control



I have customized a Page Layout to include a custom Data Form View Web Part that will allow users to enter comments on a news story page in a publishing site.


I was having a difficult time because when I clicked the button to save the data to the list, everything saved correctly, but the control was redirecting me to the AllItems.aspx page of the list.  This wasn't the desired behavior since the end user would prefer to see that their comment was posted on the news story page and wouldn't know what the AllItems.aspx page was for.


The save button that was created in the XSL seciton of the web part was:


<SharePoint: SaveButton runat="server" ControlMode="New" id="savebutton1" />


Microsoft has documented a RedirectUrl property on this button that I figured could change what page was loaded after the user saved the form data.  However, try as I might I could not get it to work.


Some more searching lead me to this article:


Content Editor text format functionality lost after deploying branding solution package


I've got two identical SharePoint 2010 servers.  One is a dev box and one is production.  We've got a branding solution package.  After deploying the package on the production server, when I go into edit a page, the text format functionality in the content editor works fine, i.e. I can change font, font size, font color, etc.  However, when I deploy the solution package on the dev server and then attempt to edit a page, the text format functionality is disabled/broken.  I can utilize bold, underline, or italicize but cannot change font, font color, font size, etc. 

I've copied a site collection from my production site (which works perfectly) over to the dev site with the same results, meaning once on the dev box, the copied site collection no longer has editing functionalilty in the content editor. Permissions are set the same on both boxes and as mentioned, editing works fine until deployment of the solution package on the dev box.   Any help would be greatly appreciated. 

Could Visual Studio installed on my Dev box cause this?


Why a Security Warning on web page loading? How can code or users avoid it?


My asp.net page now gives a popup box titled "Security Warning" when the page loads. There are multiple pages in my app that do this. The content of the dialog box reads "Do you want to view only the webpage content that was delivered securely?"

Why is this happening all of a sudden? I think it's because the pages contain some http links to external site pages, but i don't remember seeing the message before, and those "nonsecure" links have been there from the beginning. I did add 30+ images though, sourced from in another directory of the project.

Is there some way i can make the images and links "secure"; delivered via https?

Is there some browser setting for users to set so they don't see this popup every time one of the many pages in this website loads?

All feedback and insight is appreciated!!!

Formview's control collection empty when placed inside an AJAX accordian content pane.



The following problem occurs:

I have an accordian content pane on my page holding a formview. At code behind I can iterate the control collection of the content pane using FindControl and find the actual formview control. However it seems that when a formview is placed inside an accordian pane the formview itself looses it's control collection items.


So my problem is at codebehind I can get the FormView control, but it's control collection is empty, when placed inside an accordian content pane.

Using recursive find control function also doesn't help since there are no more items.

How to bypass https:// security warning.


I have website which is https://secure  and it has a contect from http://nonsecure (youtube videos)

I get Security Warning in Internet explorer which I try to access youtube videos, is there any where I can bypass that warning programmatically,

Please let me know or any other alternatives.

thank u


Is there a way for ASP.Net Ajax content to be indexed by Search Engine?


Hi All,

Is there a way for content that is dynamically generated by Ajax to be indexed by Search Engine e.g. Google, Bing or Yahoo

As far as i know their crawlers are not able to execute Javascript.

Google seems to have implemented something. Does Bing have something similar?



MySite crawling warning 'Content for this url is excluded by the server because a no-index attribut


Hi Team,

We have SharePoint farm consisting of 2 WFEs, 1 Application Server and SQL Cluster having 2 nodes.  We are are seeing many of the below warnings in the MySite crawling, more importantly we do not see many of document/s and personal blog not being picked up by the crawler and nothing is searchable. We do not have any Crawl rule on mysite url nor scope rule that points to personal site URL

Can some one help me with finding the reason/cause and solution if any one has come out of this situation.

Advance thank you.


Ramakrishna Pulipati SharePoint Consultant Bangalore, INDIA

Microsoft.Net Application Security Warning




I am installing SQL Server 2008 R2 Enterprise on a Windows Server 2008 R2 Datacenter.

The setup generates warning:

Rule "Microsoft.Net Application Security" generated a warning.

The computer cannot access the Internet. There might be delays 
in starting a .NET application like Managment Studio. If navigate 
to http://crl.microsoft.com/pki/crl/products/MicrosoftRootAuthority.crl file you should not have .NET security validation issues. It is not necessary to download the MicrosoftRootAuthority.crl file.

But the computer really has no access to the I-net. And will not have.


What does this warning mean?

Is it critical?


Thank you for your time.


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend