Symptoms

Embedding a HTML widget pointing to a secure source (HTTPS) locks up ECC in Internet Explorer.

Cause

Adding a HTML widget with a HTTPS source causes Internet Explorer to prompt whether or not to display secure and insecure content at once. Allowing insecure content causes a reload of the page, which, due to vaadin framework design, reloads the HTML widget and causes the same problem again. Until this is accepted, IE will not show content from sources with different security levels.

Resolution

This is a known Vaadin/IE issue and can only be resolved by changing the client's browser settings or by running ECC through HTTPS.

The following Microsoft Knowledge Base acticle describes the client side resolutions: http://support.microsoft.com/kb/2625928
In short:

- Go to Internet Options
- Go to Security
- Change the security level of the zone ECC is in ("Custom level...")
- Under Miscellaneous, enable "Display mixed content"