Apex Code Development You need to sign in to do that
Don't have an account?
Vincent Ip 7 IE11 / Rerender / iframe with Sandbox attribute causes errors "Could not retrieve a valid progID of Class: Microsoft.XMLDOM."
I'm currently facing an error with an iframed visualforce page in IE10-11.
Currently, we are integrating a Salesforce.com Visualforce page into a separate non salesforce web app. Salesforce users work in a dual screen environment and will have salesforce open in one screen and this other web app open in the other. Clickjack protection off for this headerless / sidebarless Visualforce page.
The other web app has an iframe which contains this a Visualforce page, but this iframe has the “sandbox” attribute on. The Visualforce page itself uses actionFunctions to communicate with Salesforce servers and rerender to do page ui updates.
When we run this setup using Chrome / Firefox everything works as expected, but when running this in IE10-11, we get the following error.
Any advise on how we can approach this error?
For security reasons, we need to keep the Sandbox attribute on in the iframe. Also our security team will not recommend an IE security setting change (The setting name was called "Initialize and script ActiveX controlls not marked as safe for scripting". It does sound pretty scary). Right now we're thinking that our only option is to re-write the page with Javascript remoting and perform the re-rendering in javascript ourselves. Wanted to see if anyone else had other thoughts.
Much thanks in advance!
Here's some sample code which exhibit similar errors
Non salesforce web app page
VF page - IEXmlDomError
Apex Controller
Currently, we are integrating a Salesforce.com Visualforce page into a separate non salesforce web app. Salesforce users work in a dual screen environment and will have salesforce open in one screen and this other web app open in the other. Clickjack protection off for this headerless / sidebarless Visualforce page.
The other web app has an iframe which contains this a Visualforce page, but this iframe has the “sandbox” attribute on. The Visualforce page itself uses actionFunctions to communicate with Salesforce servers and rerender to do page ui updates.
When we run this setup using Chrome / Firefox everything works as expected, but when running this in IE10-11, we get the following error.
Could not retrieve a valid progID of Class: Microsoft.XMLDOM. (original exception: Error: Automation server can't create object)
Any advise on how we can approach this error?
For security reasons, we need to keep the Sandbox attribute on in the iframe. Also our security team will not recommend an IE security setting change (The setting name was called "Initialize and script ActiveX controlls not marked as safe for scripting". It does sound pretty scary). Right now we're thinking that our only option is to re-write the page with Javascript remoting and perform the re-rendering in javascript ourselves. Wanted to see if anyone else had other thoughts.
Much thanks in advance!
Here's some sample code which exhibit similar errors
Non salesforce web app page
<html> <iframe sandbox="allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms allow-modals" src="https://c.na35.visual.force.com/apex/IEXmlDomError" /> </html>
VF page - IEXmlDomError
<apex:page controller="IEXmlDomErrorController" sidebar="false" showHeader="false">
<apex:form >
<apex:actionFunction name="actionMethod" action="{!actionMethod}" rerender="rerenderPanel"/>
<input type="button" value="run action function" onClick="actionMethod();"/>
<apex:outputPanel id="rerenderPanel" layout="block">
<apex:outputPanel rendered="{!clickOccurred}">
<div style='border:1px solid red;border-radius:5px'>
Hello World!
</div>
</apex:outputPanel>
</apex:outputPanel>
</apex:form>
</apex:page>
Apex Controller
public class IEXmlDomErrorController {
public Boolean clickOccurred {get;set;}
public IEXmlDomErrorController(){
clickOccurred = false;
}
public PageReference actionMethod(){
clickOccurred=!clickOccurred;
return null;
}
}