We just upgraded to 4.2.4 (running Oracle 10g) and were testing our applications when we came across an issue. We have 1 application that has mostly static links on various tabs. One of the tabs/pages (let's call this Page 1) contains an HTML region that displays an IFRAME which embeds the report from Page 2. Page 2 is a Popup Template and also contains an IFRAME in an HTML region which embeds Page 3. Each IFRAME is displaying a report. When a user selects a value on the report in Page 1, the IFRAME on Page 2 is displayed with sub-records of the record selected. If the user changes their selection on Page 1, the values in the IFRAME change. The Page 3 works the same way...showing sub-sub records of what is selected in the IFRAME for Page 2.
I can navigate through all of the tabs, but after I select the tab for Page 1, I am not able to access any of the other pages. Basically I cannot perform any submit actions once Page 1 has been loaded. If I try to navigate away from Page 1 I get the following error message:
'Contact your application administer. Page protection violation: This may be caused by submitting a page that had not yet finished loading or by manual alteration of protected page items. For further assistance, please contact the application administer.'
The page has definitely finished loading...I even waited a full minute. I read some threads that talked about the security settings being changed in APEX version 4.1.1 and how those errors could be related to the HIDDEN items being protected. I changed ALL of the hidden items in the application to 'Value Protected = No' and I still get the error. I changed the Browser Cache value for all 3 pages (Page 1, Page 2 and Page 3) to Disabled and I changed the Deep Linking values for all 3 pages (I tried Enabled and Disabled) and I still get the error message.
I do not have any problems on any other page...I am able to add/delete users on the Access Control page which performs a submit action. After I navigate to Page 1 the only way I'm able to access any of the other pages is to close out and run the application again.
We did not have this problem on our previous version which was 4.0.2. I think the problem is related to the IFRAMES but I cannot pinpoint what the problem is.
Any ideas on what the problem could be? Please let me know if you need more information.
It's there in 4.2.4. Here's how I get to it.
Edit the application in the Application Builder and click on the "Edit Applications Properties" button. (Or from the application's shared components page click the "Edit Definition" link in the right-side application sidebar region).
On the application definition page I see four tabs: Definition, Security, Globalization, User Interface. Click on the Security tab.
In that tab are several sections: Authentication, Authorization, Database Schema, Session Timeout, Session State Protection, Browser Security, Database Session.
Browser Security is near the bottom with three fields: Cache, Embed in Frames, HTML Escaping Mode.
Compatibility Mode was set to Pre 4.1...I assume it was set to that because we were on version 4.0 before we upgraded? When I changed it to 4.1 I now see the Browser Security section. I have Cache enabled, Embed in Frames is set to Allow, and HTML Escaping Mode is set to Extended. I still cannot perform any Submit events once the page with the IFRAMES has loaded. I can see the IFRAMES and navigate from record to record, I just can't perform a Submit. Any other ideas?
I checked out the thread and so far no go. I do have an example on my workspace if you want to take a look. It's not the same application (the one in production is on a different network without internet access) but it functions exactly the same. I'm using the same code.
Application # 39884 - jQuery Test
If you click on the numbers (1 or 2) in the View Managers column the iFRAME "Managers" will appear. If you click on the tab in the upper right corner, Page 101, you'll get the error message.
Please let me know if you can see anything that might be the cause.
I've changed the self-closing IFRAME elements to have a matching close tag and it seems to have made a difference.
<IFRAME .... />
<IFRAME .... ></IFRAME>
I'm not sure why but perhaps the process that computes the page checksum isn't recognizing the iframe elements correctly which results in a bad checksum.