Content Display Support
Framed Toolbar Support Through the CIE
Ivanti Connect Secure supports two kinds of browsing toolbars, the framed toolbar and the floating toolbar. The framed toolbar displays pertinent information in a frame in the Ivanti Connect Secure end-user console, whereas the floating toolbar floats over the left or right side of the user’s browser (possibly obscuring Web content). These toolbars include links to the Ivanti Connect Secure end user home page, a configurable home page, and the end user help system. Additionally, end-users can use the toolbars to sign out of their Ivanti Connect Secure sessions, add bookmarks, and see session expiration information.
If you choose to use the framed toolbar, you must keep certain guidelines in mind when creating your Web application to ensure that the application does not “break” out of the Ivanti Connect Secure frame. The following usage in your Web application could cause the framed toolbar to disappear and display the floating toolbar instead:
•Pop-ups—If your Web application opens up a popup through a window.open call, then the pop-up will not contain a frame. The parent window will continue to display the frame.
•The top variable—We recommend that you do not use the top variable when working with a frame set because after Ivanti Connect Secure intermediates the page, top might reference a different frame than you intend. This change might make the framed toolbar disappear or could cause your intermediated application to work erratically or incorrectly.
The following example includes a frame set definition that correctly names its frames. The example also shows an example of using target to properly reference a named frame.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN"
"http://www.w3.org/TR/html4/frameset.dtd">
<HTML>
<HEAD>
<TITLE>A frameset document</TITLE>
</HEAD>
<FRAMESET rows="50%,50%">
<FRAME name="fixed" src="init_fixed.html">
<FRAME name="dynamic" src="init_dynamic.html">
</FRAMESET>
</HTML>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<TITLE>A document with BASE with a specific target</TITLE>
<BASE href="http://www.mycom.com/Slides" target="dynamic">
</HEAD>
<BODY>
...beginning of the document...
</BODY>
</HTML>
•The parent variable—You can use the parent variable from within a frame set (see exception that follows), but do not use the parent variable if your Web page does not include a frame set. Also, do not use the parent variable from a JavaScript function within your topmost frame set. If you do, the application does not behave as you intend. Instead, When Ivanti Connect Secure intermediates the page, the variable references the Ivanti Connect Secure frame set instead of your intended document.
CSS Support Through the CIE
The Content Intermediation Engine supports cascading style sheets. When using cascading style sheets, make sure to set their content types to text/css. If you set an incorrect content type, errors could occur through the Content Intermediation Engine. Note that Ivanti Connect Secure does not support JavaScript in cascading style sheets.
PDF Support Through the CIE
The Content Intermediation Engine supports rewriting PDF files from all Acrobat versions when you enable the Rewrite links in PDF files option on the Users > User Roles > Role > Web > Options page of the Ivanti Connect Secure Web console. When you select this option, Ivanti Connect Secure rewrites absolute URLs (such as http://www.google.com) and relative URLs (such as http://yourcompany.intranet.net/images/../test.gif). Otherwise, if you do not select this option, Ivanti Connect Secure may not properly display PDF files with links.
Ivanti Connect Secure supports rewriting normal PDFs and linearized PDFs. A normal PDF requires the browser download the entire document before displaying it. A linearized PDF enables the browser to download parts of the document separately, thereby allowing the browser to start displaying the document before it is completely downloaded.
- Ivanti Connect Secure does not rewrite embedded streams in PDF files.
- Ivanti Connect Secure does not modify encrypted or digitally signed PDF files at all.
- Manually edited PDF files that have incorrect byte offsets do not work correctly through Ivanti Connect Secure. Even though these files might work through Acrobat 7, they are not supported through Ivanti Connect Secure.
PDF files that contain 2 objects for the same link do not work through Ivanti Connect Secure. You can check if the PDF file contains two objects for the same link by doing the following:
- Open the PDF with Acrobat with Notepad or Wordpad and look for the URI for which you would like to determine the object. (Open the PDF file with Notepad or Wordpad instead of the Acrobat Reader.)
- Look for the URI string and find out what is the object number that references this URI. The URI object is in the following format:
55 0 obj
<</S URL
...
/URI (http://www.google.com)>> endobj
where 55 is the object number.
Next check if the file contains another object with the same object number referencing a different URL. If another object with the same number is found then the PDF file cannot rewritten through the CIE engine.
Streaming Media and Video Content
Since streaming media content often contains direct network connections without the use of HTTP, the CIE cannot support it. If you deliver the streaming content through an <OBJECT> tag and one of the attributes of the tag is a URL to which an HTTP connection is made, then the content may work through Ivanti Connect Secure.