IE Security Popup Issue for Ephox Editlive Editor (Authoring Templates with Ephox)


Issue:  Internet Explorer (7 or 8) causes security warning popup when you open authoring template with ephox editor  i.e. Rich Text Component  (with advanced editor  enabled) over https .

Reason: Ephox Editlive Editor uses the Java plugin to run on browsers . When Ephox Editor is placed on the page it includes the download URL for the JRE (Sun/Oracle). This link is used so that the browser can offer to install the JRE if it is not available on that machine. Unfortunately, this URL uses HTTP.


Resolution: It little different for the different versions

Portal v7.0.0.1  (Editlive v 7.6.1.71)  :

/opt/IBM/WebSphere/wp_profile/installedApps/NODENAME/EphoxEditLive.ear/editor-editlive.war/res/editlivejava/editlivejava.js

Change the http to https in highlighted code

        var getRemoteJreDownloadUrl = function(minVersion) {
                // download list is at http://www.oracle.com/technetwork/java/javase/autodownload-140472.html
                var base = "http://java.sun.com/update/";
                var ext = minVersion === "1.4.2"
                        ? "1.4.2/jinstall-1_4_2_19-windows-i586.cab"
                        : "1.6.0/jinstall-6u26-windows-i586.cab";
                return base + ext;
        };


Portal v7.0.0.0   (Editlive v 7.0.1.9)  :

/opt/IBM/WebSphere/wp_profile/installedApps/NODENAME/EphoxEditLive.ear/editor-editlive.war/res/editlivejava/editlivejava.js

Change the http to https in highlighted code

if(EditLiveJava.minimumJREVersion == "1.4.2"){
                str += ' codebase="https://java.sun.com/update/1.4.2/jinstall-1_4_2_14-windows-i586.cab#Version=1,4,2"';
} else if(EditLiveJava.minimumJREVersion == "1.4.1"){
                str += ' codebase="https://java.sun.com/update/1.4.1/jinstall-1_4_1_07-windows-i586.cab#version=1,4,1"';
} else if(EditLiveJava.minimumJREVersion == "1.6.0") {
                str += ' codebase="http://java.sun.com/update/1.6.0/jinstall-6u12-windows-i586.cab#version=1,6,0"';
} else {
                str += ' codebase="https://java.sun.com/update/1.6.0/jinstall-6u16-windows-i586.cab#Version=1,4,2"';
}


Note : Make sure to access those .cab files using the https , if it’s not accessible from your browser directly probably you need to get them on to your local server and access it through https

Portal v6.1  :

http://www-01.ibm.com/support/docview.wss?uid=swg21588369


Resources:
http://www-01.ibm.com/support/docview.wss?uid=swg21588369
Posted by Siva R Vaka
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)