+ Start a Discussion
devNut!devNut! 

apex:flash tag causes "This page contains both secure and nonsecure items."

I'm using the visualforce flash tag:

 

<apex:flash src="{!$Resource.FlashApplication}"
         id="CmpId"
         width="100%" height="100%"
         flashvars="session_id={!$Api.Session_ID}&server_url={!$Api.Partner_Server_URL_90}" />

 

 

However when loading the visualforce page the prompt "This page contains both secure and nonsecure items." appears.  When the  <apex:flash is commented out, the page loads without the prompt.

 

Any ideas?

mattdarnoldmattdarnold

I had a similar problem with some Javascript code I was working with. This happens when you have a page served over https and parts of the code are making call-outs or are being served from the local cache or over http. Take a look at this page and see if any of these are causing your issue. It seems like the most common is making a call-out to a 3rd party service over http or using an Adobe library that you need to include over http.

 

-- Matt

devNut!devNut!

Thanks for the reply Matt,

 

I agree, if I had written custom javascript code I would be able to track down the issue.

 

The thing is, the issue has something to do with the actual html/script outupt generated when using the "<apex:flash" tag which is a standard visualforce component .

mattdarnoldmattdarnold

Do you get an error regardless of what's containted in your .swf? So if you use a very basic "hello world" type flash component do you still get the same error?

 

-- Matt

devNut!devNut!

Yes,

Literally showing a button.

 

 

<?xml version="1.0" encoding="utf-8"?>
<mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute">
    <mx:Button label="Test button">
       
    </mx:Button>
</mx:Application>
 

andirvandirv

I've encountered the same problem - is there a solution to this?

 

When embedding a flex swf via the apex:flash tag like this:

 

<apex:page standardController="Contact" extensions="GetSessionControllerExtension">  
    <apex:flash src="{!$Resource.FlexPOC}" 
        width="600" height="300" 
        flashvars="userId={!$User.Id}&session_id={!MySessionId}&server_url={!$Api.Partner_Server_URL_150}" />  
</apex:page>
(session id workaround included here)

 

I get the security warning.  The one thing I see that might be the culprit in the rendered html is this http reference:

 

<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab" height="300" id="j_id0:j_id1:flash" width="600">

 

As an alternate approach, I'm embedding the object tag manually:

 

<apex:page >
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
  id="FlexTree" width="282" height="421"
  codebase="https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab">
  <param name="movie" value="{!$Resource.FlexPOC}" />
  <param name="quality" value="high" />
  <param name="bgcolor" value="#869ca7" />
  <param name="allowScriptAccess" value="sameDomain" />
  <param name="flashvars" value="session_id={!$API.Session_ID}&server_url={!$API.Partner_Server_URL_150}" />
  <embed src="{!$Resource.FlexPOC}" quality="high" bgcolor="#869ca7"
    width="282" height="421" name="FlexTree" align="middle"
    play="true"
    loop="false"
    flashvars="userId={!$User.Id}&session_id={!$API.Session_ID}&server_url={!$Api.Partner_Server_URL_150}"  
    quality="high"
    allowScriptAccess="sameDomain"
    type="application/x-shockwave-flash"
    pluginspage="http://www.adobe.com/go/getflashplayer">
  </embed>
</object>
</apex:page>

 

And this works fine, but I'd rather not have to do that.  How are other folks approaching this issue?

a_Ba_B

I had to use object tag instead of apex:flash for the same reason. 

Salesforce should fix this.  

rajarakrajarak
IE Security warning pop up can be tackled by changing the IE settings.
Internet Options - Security - Internet - Custom Level - Miscellaneous - Display Mixed Content = ENABLE

It worked for me, let me know if you guys have luck....

-KK

VjartzmusicVjartzmusic

Hi,

 

IE Security warning pop up can be tackled by changing the IE settings.
Internet Options - Security - Internet - Custom Level - Miscellaneous - Display Mixed Content = ENABLE

 

Regards

 

Vivek Viswanathan