User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 Users receive a security warning, "You are about to leave an encrypted page" when a document is created via JavaScript. In our application, we have a hidden frame that is used to create dynamic form submissions to our server. The code is working fine, but every time we create the document (on the client), the user receives the security warning listed above. I am not sure why this is the case since the document is created in the browser and is never transmitted, etc. Having the same options on in IE (show warning if leaving a secure page) does not display the equivalent warning. Reproducible: Always Steps to Reproduce: 1. Enable the SSL warnings (loading, leaving a secure page) 2. Retrieve a page from a secure server that contains javascript that writes a complete document (open, write, close). 3. Execute the script on the client. Actual Results: The security warning is displayed, "You are about to leave a secure page" Expected Results: Not shown a warning since the document has been completely created on the client, thus nothing has been trasmitted allowing others to view it.

This file shows the secure warning when the link is clicked (the document is dynamically written). To show this, just put this page on a secure server. Retrieve the page via Mozilla, and click the link. (Make sure you have the SSL warnings enabled)

To PSM. The problem is probably that we treat the about:blank load that happens in there as insecure... we should special-case that.

*** Bug 165243 has been marked as a duplicate of this bug. ***

Confirming. In-house test site is https://pki.mcom.com/17730.html

That's dupe. *** This bug has been marked as a duplicate of 155760 ***

Verified.