Since a week or two one of our web applications is having issues.
Because in our corporate environment only IE8 and Chrome latest version are allowed,
the web application was made to work in Chrome and uses Google Chrome Frame when running in IE8.
Everything worked well until two weeks back. All of a sudden one of the actions doesn't work anymore because it calls to http://www.ourapplication.com from the https://www.ourapplication.com domain. (This is treated as cross-browser scripting)
In chrome we get to see a little shield in the browser where we then can allow to "load unsafe script" and the application still works. IN IE8 (actually hijacked by the Google Chrome Frame cuckoo's egg) I don't find any way to allow this unsafe script.
Is there a way?
Best Answer
Not 100% what I asked for, but it's possible to add the commandline switch --allow-running-insecure-content to the Google Chrome Frame command line by following this blog post .
You just have to create the following registry key :
Software\Policies\Google\Chrome\AdditionalLaunchParametersand add here the string --allow-running-insecure-content
Note: While you can do that, it's VERY UNSAFE so if anyone knows how the get the "load unsafe script" prompt in Google Chrome Frame, please do share this.
For more on the AdditionalLaunchParameters registry key see http://www.chromium.org/administrators/policy-list-3