What Do I Do If There is a Protocol Conflict? (SAP Library

What Do I Do If There is a Protocol Conflict?

Question

Within an SSL connection, the browser displays an error message (safety information) saying that the page concerned contains both secure and insecure objects and asks whether the user wants to display the objects that are not secure.

This is a problem with URL generation in the application: absolute URLs are generated with the (incorrect) HTTP protocol instead of HTTPS. The usual browser configuration causes the browser to display a warning with an http:// request whenever HTTPS is active.

Answer

Determine where absolute URLs are generated in the application. You can find this out using HTTP logging (see Logging in the ICM). Ensure that more absolute URLs are not generated.

Example

For example, absolute URLs are generated with a mail page with which a message is sent to a selected recipient from a list. The BSP mail.htm is used for this, to which all selected rows as transferred as parameters. The e-mail address is determined for each selected row and the mail message is generated using JavaScript.

Note that in the coding, instead of window.location = 'mailto:...', the statement window.open( 'mailto:...') is used.