Control is not trusted

[clifq]

We have version 1.0.19 installed on-prem and we are getting this message in Chrome and IE:
"vsts-extensions-multivalue-control by ms-devlabs is taking longer than expected to load.Learn More about this extension, including available support options."
IE displays an additional message for a few seconds:
"Only secure content is displayed" with a button to "Show all content" and clicking the button allows the control to display and work great.
Chrome does not display any additional message boxes and the control never loads. I assume due to the same trust issue.

Is there any way to get the control recognized as secure so that my 50 users don't have to use IE and click that button?

[mmanela]

This typically happens when you have the control loading on HTTP and the site parent site loading on HTTPS, I think. Can you share a fiddler of the network when loading the form?

[clifq]

OK, I'll get that.

[clifq]

I have not used Fiddler before so I hope this is what you are asking for
MultiSelectControlNotTrusted.txt

[mmanela]

There is a way to save a session so we can see the total traffic. This would result in an .SAZ file. In addition you first need to do this:
Tools > Options > HTTPS > Decrypt HTTPS traffic option so we can see what is happening.

Then start fiddler (or if already running clear the log), then open the form to repro the issue then save session and send to me.

(If you don't want to share on github you can email me at my github name at microsoft.com)

[clifq]

ok, I'll get the different output and send it to you directly, thanks.

[clifq]

Sent

[mmanela]

@clifq Thanks for sending, in your fiddler trace I don't see any of the calls that the contribution should make.

Do you know what your public access url is set to in TFS management studio?

[ndc]

Happened to us as well. Public access url is set to HTTPS with full domain, but error in console said:
Mixed Content: The page at 'https://myserver.mydomain.com/tfs/mycol/myproj/myteam/_backlogs/board/Backlog%20items' was loaded over HTTPS, but requested an insecure resource 'http://myserver:8080/tfs/_apis/public/gallery/publisher/ms-devlabs/extension/vsts-extensions-multivalue-control/1.0.19/assetbyname/dist/multivalue.html'. This request has been blocked; the content must be served over HTTPS.

Control version 1.0.19. TFS version 16.122.27409.2.

[clifq]

My Public access url is also set to HTTPS.
I have tried uploading the control on both secure and insecure pages.
https://myserver:443/_gallery/manage and http://myserver:80/_gallery/manage

[clifq]

I've tried installing it on the HTTP site and HTTPS site if that matters.
The only way I can get it to load on a work item without having to "Show all content" is if I make sure it loads from an HTTP site into an HTTP site.
If HTTPs is involved at all it won't load without clicking the "Show All Content"

[ostreifel]

Closing due to inactivity, please open another issue if more information is discovered.