"This page shows secure and nonsecure items" error message when you use Microsoft Project Web Access to locate documents on a server that is running Project Server 2003 (842779)


The information in this article applies to:

  • Microsoft Office Project Server 2003
  • Microsoft Windows SharePoint Services
Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect your system.

SYMPTOMS

When you use Microsoft Project Web Access to locate documents on a server that is running Microsoft Office Project Server 2003 and Microsoft Windows SharePoint Services, both using SSL, you may receive the following error message:
This page contains both secure and nonsecure items.
Do you want to display the nonsecure items?

CAUSE

This problem occurs because Microsoft Internet Explorer treats pages that use the IFrame tag as nonsecure pages and raises the error message that is mentioned in the "Symptoms" section.

RESOLUTION

This problem is fixed in Microsoft Office Project 2003 Service Pack 1 (SP1). For more information, click the following article number to view the article in the Microsoft Knowledge Base:

837241 Description of Project Server 2003 Service Pack 1

WORKAROUND

Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

Note Only follow these steps if you are running Project Server 2003 and have not applied Project Server 2003 SP1. If you have applied Project Server 2003 SP1, no additional action is required.
  1. On your Project Server 2003-based computer, locate the following files:
    • C:\Program Files\Microsoft Office Project Server 2003\IIS Virtual Root\DOCLIB\doclibdrilldown.asp
    • C:\Program Files\Microsoft Office Project Server 2003\IIS Virtual Root\ISSUES\issueshell.asp
    • C:\Program Files\Microsoft Office Project Server 2003\IIS Virtual Root\HOME\homepage.asp
    • C:\Program Files\Microsoft Office Project Server 2003\IIS Virtual Root\SHELL\custpage.asp
  2. In the C:\Program Files\Microsoft Office Project Server 2003\IIS Virtual Root\RISKS folder, locate the following files:
    • New4task.asp
    • Risknew4.asp
    • Riskshel.asp
  3. Open the Doclibdrilldown.asp file that is listed in Notepad.
  4. On the Edit menu, click Find, type <IFRAME in the Find what box, and then click Find Next.
  5. For each <IFRAME> tag in the file that does not have the following parameter, add the following text:

    SRC="../library/IEFrameWarningBypass.htm"


    For example, for the doclibdrilldown.asp file, an <IFRAME> tag is modified in the following manner:
    Original <IFRAME> tag: 
    <IFRAME ID="idOWSFrame" FRAMEBORDER="0" NAME="idOWSFrame" SCROLLING="AUTO" STYLE="display: block;
     width: 100%; height: 100%;"></IFRAME>
    New <IFRAME> tag: 
    <IFRAME ID="idOWSFrame" FRAMEBORDER="0" NAME="idOWSFrame" SCROLLING="AUTO" STYLE="display: block;
     width: 100%; height: 100%;" SRC="../library/IEFrameWarningBypass.htm"></IFRAME>
  6. After you modify each <IFRAME> tag in the file, click Save, and then close the file.
  7. Repeat steps 3 through 6 for each file that is listed in steps 1 and 2.
  8. On your Project Server 2003-based computer, locate the following files in the C:\Program Files\Common Files\Microsoft Shared\web server extensions\60\TEMPLATE\LAYOUTS\1033\PWAINC\ folder:
    • Custom.js
    • Pwadoc.js
    • Pwaissue.js
  9. Open the Custom.js file in Notepad.
  10. On the Edit menu, click Find, type <IFRAME in the Find what box, and then click Find Next.
  11. For each <IFRAME> tag in the file that does not have the following parameter, add the following text:

    SRC=\"/_layouts/pwainc/IEFrameWarningBypass.htm\"


    For example, for the Pwaissue.js file, an <IFRAME> tag is modified in the following manner:
    Original <IFRAME> tag: 
    <IFRAME ID=\"idForPWAIFrame\" NAME=\"idForPWAIFrame\" SCROLLING=\"YES\" STYLE=\"display: none; width: 90%; 
    height: 20%;\"></IFRAME>";
    NEW <IFRAME> tag: 
    <IFRAME ID=\"idForPWAIFrame\" NAME=\"idForPWAIFrame\" SCROLLING=\"YES\" STYLE=\"display: none; width: 90%; 
    height: 20%;\" SRC=\"/_layouts/pwainc/IEFrameWarningBypass.htm\"></IFRAME>" SRC=\"/_layouts/pwainc/IEFrameWarningBypass.htm\";
  12. After you modify each <IFRAME> tag in the file, click Save, and then close the file.
  13. Repeat steps 9 through 12 for each file that is listed in step 8.
  14. Create the IEFrameWarningBypass.htm file. To do this, follow these steps:
    1. In Notepad, create a blank document, and then type the following HTML code: 
       <!-- Suppressing Internet Explorer warning on IFRAME in SSL secured page -->
<!-- _lcid="1033" _version="11.0.5329" _dal="1" -->
<!-- _LocalBinding -->
<HTML>
</HTML>
    2. On the File menu, click Save, and then type IEFrameWarningBypass.htm for the file name, and then save the file in the following folder:

      c:\Program Files\Common Files\Microsoft Shared\web server extensions\60\template\layouts\1033\pwainc

  15. Verify that the IEFrameWarningBypass.htm file exists in the following folder:

    c:\Program Files\Common Files\Microsoft Shared\web server extensions\60\template\layouts\1033\pwainc

  16. Click Start, click Run, type IISReset, and then click OK.
  17. On client computers that are connecting to Project Server 2003, delete the Internet Explorer temporary file cache. To do this, follow these steps:
    1. Start Internet Explorer.
    2. On the Tools menu, click Internet Options.
    3. On the General tab, click Delete Files.
    4. Click to select the Delete all offline content check box.
    5. Click OK, and then click OK.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:

261188 Security warning message occurs when you browse to a page that contains an IFRAME through SSL

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Modification Type:MinorLast Reviewed:5/16/2005
Keywords:kbQFE kbfix kbProjectServer2003preSP1fix kbBug KB842779 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.