r56669 Reproducibility: always Steps: 1. Go to https://ebank.fbb.gr/ 2. Log in with your e-banking credentials. 3. Click on "Secure Transactions" and from drop down select "Request Certificate". What happened: 3. Content is not rendered. The "Request Certificate" link is javascript:SubmitMenu('PT_PIN_CERTREQ') In WebKit Console is see: transmenu_res.asp:323<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:324<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:325<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:326<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:327<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:328<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:329<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:330<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:331<input> is not allowed inside <tbody>. Inserting <input> before the <table> instead. transmenu_res.asp:340Unmatched </font> encountered. Ignoring tag. transmenu_res.asp:102ReferenceError: Can't find variable: postLoad If I copy the highlighted line in Elements I get: <body onload="init();postLoad()"> <script text="text/javascript" src="js/common.js"></script> <table width="760" align="center" cellpadding="0" cellspacing="0" class="maintable"> <tbody><tr valign="middle"><td align="center"> <table border="0" width="760" cellspacing="0" cellpadding="0"> <tbody><tr> <td width="760" align="left" height="66px" valign="top" colspan="3"> <table border="0" cellspacing="0" cellpadding="0"> <tbody><tr class="uppertopbg" height="15px"> <td align="right" class="link"><a href="logoutr.asp">&nbsp;Exit&nbsp;</a></td> </tr> <tr> <td align="left" valign="top" class="topbottomonepxbrd"><img src="images/mainbg.jpg" border="0"></td> </tr> <tr class="menubg" height="15px"> <td align="right" width="760"> <script language="javascript1.2" type="text/javascript"> var timerID = null; var timerOn = false; var timecount = 1000; // Change this to the time delay that you desire var what = null; var newbrowser = true; var check = false; function init() { if (document.layers) { layerRef="document.layers"; styleSwitch=""; visibleVar="show"; what ="ns4"; } else if(document.all) { layerRef="document.all"; styleSwitch=".style"; visibleVar="visible"; what ="ie4"; } else if(document.getElementById) { layerRef="document.getElementByID"; styleSwitch=".style"; visibleVar="visible"; what="dom1"; } else { what="none"; newbrowser = false; } check = true; } // Toggles the layer visibility on function showLayer(layerName) { if(check) { if (what =="none") { return; } else if (what == "dom1") { document.getElementById(layerName).style.visibility="visible"; } else { eval(layerRef+'["'+layerName+'"]'+styleSwitch+'.visibility="visible"'); } } else { return; } } // Toggles the layer visibility off function hideLayer(layerName) { if(check) { if (what =="none") { return; } else if (what == "dom1") { document.getElementById(layerName).style.visibility="hidden"; } else { eval(layerRef+'["'+layerName+'"]'+styleSwitch+'.visibility="hidden"'); } } else { return; } } function hideAll() { hideLayer('Accounts');hideLayer('Transfers');hideLayer('Secure Transactions'); } function startTime() { if (timerOn == false) { timerID=setTimeout( "hideAll()" , timecount); timerOn = true; } } function stopTime() { if (timerOn) { clearTimeout(timerID); timerID = null; timerOn = false; } } function onLoad() { init(); } function SubmitMenu(a_transid) { document.TrnMenu.transid.value = a_transid ; document.TrnMenu.submit(); } window.defaultStatus = "FBB eBanking" ; function OnFormSubmit() { document.cookie = "abandon_session=1" ; } </script> <form method="POST" action="transmenu_res.asp" name="TrnMenu"> <table border="0" cellspacing="0" cellpadding="0" align="center"> <tbody><tr valign="middle"> <td> <span> <div id="home"> <table cellpadding="0" cellspacing="0"> <tbody><tr><td class="menutop" nowrap=""> <a href="javascript:SubmitMenu('MAIN')">Home&nbsp;|<br></a> </td></tr> </tbody></table> </div> </span> </td> <td> <span class="menuspan" onmouseover="hideAll(); showLayer('Accounts'); stopTime()" onmouseout="startTime();">Accounts&nbsp;|<br> <div id="Accounts" class="menu" style="position: absolute; height: 20px; width: 200px; z-index: 10; visibility: hidden; "> <table cellpadding="0" cellspacing="0" class="menutable"> <tbody><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('BALANCEREQ')">Balance Inquiry</a></td></tr><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('MINI_STMNT')">Account History</a></td></tr><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('TRANS_LOG')">Transaction log</a></td></tr><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('PT_ALIAS_CHG')">Account Aliases</a></td></tr> </tbody></table> </div> </span> </td> <td> <span class="menuspan" onmouseover="hideAll(); showLayer('Transfers'); stopTime()" onmouseout="startTime();">Transfers&nbsp;|<br> <div id="Transfers" class="menu" style="position: absolute; height: 20px; width: 200px; z-index: 10; visibility: hidden; "> <table cellpadding="0" cellspacing="0" class="menutable"> <tbody><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('TRANSFERREQ')">Linked Accounts</a></td></tr><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('REMITTANCE')">Third Party Accounts</a></td></tr> <tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('SWIFT')">SWIFT transfer</a></td></tr> <tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('DIASCREDITSTP')">Transfer to domestic bank</a></td></tr> </tbody></table> </div> </span> </td> <td> <div id="home"> <table cellpadding="0" cellspacing="0"> <tbody><tr><td class="menutop" nowrap=""> <a href="javascript:SubmitMenu('PAYMENTS')">Payments&nbsp;|<br></a> </td></tr> </tbody></table> </div> </td> <td> <span class="menuspan" onmouseover="hideAll(); showLayer('Secure Transactions'); stopTime()" onmouseout="startTime();">Secure Transactions<br> <div id="Secure Transactions" class="menu" style="position: absolute; width: 200px; height: 20px; z-index: 10; visibility: hidden; "> <table cellpadding="0" cellspacing="0" class="menutable"> <tbody><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('PT_PIN_CHG')">PIN Change</a></td></tr><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('PT_PIN_BLK')">PIN Block</a></td></tr><tr><td class="menutd" nowrap=""><a href="javascript:SubmitMenu('PT_PIN_CERTREQ')">Request Certificate</a></td></tr> </tbody></table> </div> </span> </td> </tr><tr> </tr></tbody></table> <input type="hidden" name="transid"> </form> </td> </tr> </tbody></table> </td> </tr> <tr> <td height="400px" colspan="3" align="center"> <div class="maindiv" id="maindiv"> <form name="UIForm" onsubmit="goNext();return false;" method="Post" autocomplete="OFF"> <input type="Hidden" name="SourcePage" value="certrqbi"> <p> <input id="tbCommonName" type="hidden" name="tbCommonName" value="dapostol#1"><input id="locTbEmail" type="hidden" name="tbEmail" value=" "><input id="locTbOrg" type="hidden" name="tbOrg" value="FBB - First Business Bank S.A."><input id="locTbOrgUnit" type="hidden" name="tbOrgUnit" value="IT Department"><input id="locTbLocality" type="hidden" name="tbLocality" value="ATHENS"><input id="locTbState" type="hidden" name="tbState" value="ATHENS"><input id="locTbCountry" type="hidden" name="tbCountry" value="GR"><input id="loctbSubjectG" type="hidden" name="tbSubjectG" value="APOSTOLOU"><input id="transid" type="hidden" name="transid" value="PT_PIN_CERTTEMPLREQ"><table border="0" cellspacing="0" cellpadding="0"> <tbody> </tbody></table> </p></form> <!-- ############################################################ --> <!-- End of standard text. Scripts follow --> <script language="VBSCRIPT"> Const ContextUser = 1 Const ContextMachine = 2 Const CR_OUT_BASE64HEADER = &H00000000 Const CR_OUT_BASE64 = &H00000001 Const CR_OUT_BINARY = &H00000002 Const CRYPT_STRING_ANY = &H00000007 Const CR_OUT_CHAIN = &H00000100 Const FR_PROP_FULLRESPONSE = &H00000001 Const PROPTYPE_BINARY = &H00000003 Const CERT_DATA_ENCIPHERMENT_KEY_USAGE = &H10 Const CERT_KEY_ENCIPHERMENT_KEY_USAGE = &H20 Const CERT_NON_REPUDIATION_KEY_USAGE = &H40 Const CERT_DIGITAL_SIGNATURE_KEY_USAGE = &H80 Const CERT_SYSTEM_STORE_LOCAL_MACHINE = &H20000 Const CRYPT_MACHINE_KEYSET = &H20 Const XECT_EXTENSION_V1 = 1 Const XCN_CRYPT_UNKNOWN_INTERFACE = 0 Const XCN_NCRYPT_ALLOW_EXPORT_FLAG = 1 Const XCN_CRYPT_HASH_INTERFACE = 2 Const XCN_CRYPT_SECRET_AGREEMENT_INTERFACE = 4 Const XCN_CRYPT_SIGNATURE_INTERFACE = 5 Const XCN_NCRYPT_UI_NO_PROTECTION_FLAG = 0 Const XCN_NCRYPT_UI_PROTECT_KEY_FLAG = 1 Const szOID_PKIX_KP_CODE_SIGNING = "1.3.6.1.5.5.7.3.3" Const SPC_INDIVIDUAL_SP_KEY_PURPOSE_OBJID = "1.3.6.1.4.1.311.2.1.21" Const SPC_COMMERCIAL_SP_KEY_PURPOSE_OBJID = "1.3.6.1.4.1.311.2.1.22" Const CERTENROLL_INDEX_BASE = 0 Const PROV_SSL = 6 Const PROV_RSA_SCHANNEL = 12 Const AllowNone = 0 Const AllowUntrustedRoot = 4 Const AlgorithmFlagsNone = 0 </script> <script language="JavaScript"> // // Implement the GenKeyFlags routine in Javascript // because its easier to perform bitwise manipulation // function XEp_SetGenKeyFlags(objPrivateKey, nGenKeyFlags) { } </script> <script language="VBSCRIPT"> '---------------------------------------------------------------------- ' ' ENROLLMENT OBJECT PROXIES ' ' Routines which operate on either ' ' a) an instance of the IX509Enrollment interface (Longhorn+) ' or b) xenroll (downlevels) ' '---------------------------------------------------------------------- Function XE_Enroll_AcceptResponse(objEnroll, sPKCS7, bMachine) If True = bMachine Then objEnroll.MyStoreFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE objEnroll.RequestStoreFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE objEnroll.RootStoreFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE objEnroll.CAStoreFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE End If objEnroll.SPCFileName="" objEnroll.acceptResponse(sPKCS7) ' True=bLH End Function Function XE_Enroll_addFriendlyNameToRequest(objEnroll, sName) Const CERT_FRIENDLY_NAME_PROP_ID = 11 Const XECP_STRING_PROPERTY = 1 Call objEnroll.addBlobPropertyToCertificate(CERT_FRIENDLY_NAME_PROP_ID, XECP_STRING_PROPERTY, document.UIForm.tbFriendlyName.value) End Function Function XE_Enroll_CreateRequest(objEnroll, lFlags, sDistinguishedName, sCertUsage) XE_Enroll_CreateRequest = objEnroll.CreateRequest(lFlags, sDistinguishedName, sCertUsage) End Function Function XE_Enroll_InstallPKCS7Ex(objEnroll, sPKCS7) XE_Enroll_InstallPKCS7Ex = objEnroll.InstallPKCS7Ex(sPKCS7) End Function '---------------------------------------------------------------------- ' ' PRIVATEKEY OBJECT PROXIES ' ' Routines which operate on either ' ' a) an instance of the IX509PrivateKey interface (Longhorn+) ' or b) xenroll (downlevels) ' '---------------------------------------------------------------------- Function XE_PrivateKey_GetKeyLenEx(objPrivateKey, nSizeSpec, nKeySpec) XE_PrivateKey_GetKeyLenEx = objPrivateKey.GetKeyLenEx(nSizeSpec, nKeySpec) End Function Function XE_PrivateKey_SetProviderNameAndType( _ objPrivateKey, _ sProviderName, _ nProviderType _ ) objPrivateKey.ProviderName = sProviderName objPrivateKey.ProviderType = nProviderType ' True=bLH End Function '---------------------------------------------------------------------- ' ' REQUEST OBJECT PROXIES ' ' Routines which operate on either ' ' a) an instance of the IX509CertificateRequestPKCS10 interface (Longhorn+) ' or b) xenroll (downlevels) ' '---------------------------------------------------------------------- Function XE_Request_addCertTypeToRequestEx( _ objRequest, _ nType, _ sOIDOrName, _ nMajorVersion, _ bMinorVersion, _ nMinorVersion _ ) Call objRequest.addCertTypeToRequestEx(nType, sOIDOrName, nMajorVersion, bMinorVersion, nMinorVersion) End Function Function XE_Request_AddDistinguishedName(objRequest, sDN) ' Nothing to do here -- XENROLL does this in the CreateRequest call End Function Function XE_Request_AddEKUToRequest(objRequest, sCertUsage) ' ' Nothing to do in the non-LH case ' End Function Function XE_Request_EnableSMIMECapabilities(objRequest, bEnable) objRequest.EnableSMIMECapabilities = bEnable End Function Function XE_Request_GetSupportedKeySpec(objPrivateKey) Dim nSupportedKeyUsages nSupportedKeyUsages = objPrivateKey.GetSupportedKeySpec() if 0 = nSupportedKeyUsages Then nSupportedKeyUsages = AT_SIGNATURE And AT_KEYEXCHANGE End If XE_Request_GetSupportedKeySpec = nSupportedKeyUsages ' True=bLH End Function Function XE_Request_InitializeCspInformation( _ objRequest, _ objPrivateKey, _ bMachine, _ nKeySpec, _ nGenKeyFlags, _ sProviderName, _ nProviderType, _ sContainerName, _ bReuseKey _ ) objRequest.UseExistingKeySet = bReuseKey objRequest.ProviderName = sProviderName objRequest.ProviderType = nProviderType objRequest.GenKeyFlags = nGenKeyFlags If Not 0=nKeySpec Then objRequest.KeySpec = nKeySpec End If If bReuseKey Then objRequest.ContainerName = sContainerName Else If Not ""=sContainerName Then objRequest.ContainerName = sContainerName End If End If If bMachine Then objRequest.RequestStoreFlags = CERT_SYSTEM_STORE_LOCAL_MACHINE objRequest.ProviderFlags = CRYPT_MACHINE_KEYSET End If ' True=bLH If 0<>Err.Number Then XE_Request_InitializeCspInformation = Err.Number Exit Function Else XE_Request_InitializeCspInformation = 0 End If End Function Function XE_Request_LimitExchangeKeyToEncipherment(objRequest, bLimitToEncipherment, nKeySpec) objRequest.LimitExchangeKeyToEncipherment = bLimitToEncipherment End Function Function XE_Request_SetHashAlgorithm(objRequest, vHashAlgorithm) objRequest.HashAlgID = vHashAlgorithm End Function '---------------------------------------------------------------------- ' ' CMC OBJECT PROXIES ' ' Routines which operate on either ' ' a) an instance of the IX509CertificateRequestCMC interface (Longhorn+) ' or b) xenroll (downlevels) ' '---------------------------------------------------------------------- Function XE_CMC_SetArchivalCertificate(objCMC, sCAExchangeCert) objCMC.PrivateKeyArchiveCertificate = sCAExchangeCert XE_CMC_SetArchivalCertificate = Err.Number End Function '---------------------------------------------------------------------- ' ' GENERAL UTILITY ROUTINES ' '---------------------------------------------------------------------- Function XE_GetProviderType(sProviderName) XE_GetProviderType = g_objEnroll.getProviderType(sProviderName) ' True=bLH End Function Function XE_InitializeEnrollObject(objRequest) End Function Function XE_InitializeCmcObject() End Function Function XE_LegacyCsp(sProviderName) XE_LegacyCsp = True End Function Function XE_reset() g_objEnroll.reset() End Function Function XE_ReuseHardwareKeyIfUnableToGenNew(bReuse) g_objEnroll.ReuseHardwareKeyIfUnableToGenNew = bReuse End Function </script> <script language="JavaScript"> //---------------------------------------------------------------- // convert a (signed) number into a (unsigned) hex string function toHex(number) { var sRight=(number&0x0FFFFFFF).toString(16).toUpperCase(); sRight="0000000".substring(0, 7-sRight.length)+sRight; return ((number>>28)&0x0000000F).toString(16).toUpperCase()+sRight; } </script> <script language="JavaScript"> //---------------------------------------------------------------- // Show the message in the status bar and in the middle of the screen (DHTML only) function ShowTransientMessage(sMessage) { window.status=sMessage; } //---------------------------------------------------------------- // hide the message box function HideTransientMessage() { window.status=""; } </script> <script language="JavaScript"> var CTINFO_INDEX_OFFLINE =0; var CTINFO_INDEX_REALNAME =1; var CTINFO_INDEX_KEYSPEC =2; var CTINFO_INDEX_KEYFLAG =3; var CTINFO_INDEX_ENROLLFLAG =4; var CTINFO_INDEX_PRIVATEKEYFLAG =5; var CTINFO_INDEX_SUBJECTFLAG =6; var CTINFO_INDEX_RASIGNATURE =7; var CTINFO_INDEX_CSPLIST =8; var CTINFO_INDEX_EXTOID =9; var CTINFO_INDEX_EXTMAJ =10; var CTINFO_INDEX_EXTFMIN =11; var CTINFO_INDEX_EXTMIN =12; var CTINFO_INDEX_FRIENDLYNAME=13; function getTemplateStringInfo(nIndex, sInTemplate) { //extract sub string from template string in a format //of "substr1;substr2;substr3;substr4;..." //";" is the separator, index starts from 0 var nTemplateIndex, sTemplate; if (null == sInTemplate) { //nTemplateIndex=document.UIForm.lbCertTemplate.selectedIndex; //sTemplate=document.UIForm.lbCertTemplate.options[nTemplateIndex].value; } else { sTemplate = sInTemplate; } var sTemp = sTemplate; var n, m, nEnd; var fFound = true; //find sub-string start location for (n = 0; n < nIndex; ++n) { m = sTemp.indexOf(";"); if (-1 == m) { fFound = false; break; } sTemp = sTemp.substr(m+1); } if (fFound) { //sTemp starts from the substring, find end index nEnd = sTemp.indexOf(";"); if (-1 != nEnd) { sTemp = sTemp.substring(0, nEnd); } } else { sTemp = ""; } return sTemp; } </script> <script language="JavaScript"> //================================================================ // PAGE GLOBAL VARIABLES //---------------------------------------------------------------- // Strings to be localized var L_StillLoading_ErrorMessage="This page has not finished loading yet. Please wait a few seconds and try again."; var L_Generating_Message="Generating request..."; var L_NotTrustedSite_ErrorMessage="In order to complete certificate enrollment, the Web site for the CA must be configured to use HTTPS authentication."; ; var L_BadChars_ErrorMessage="The name field may not be blank. The e-mail address may contain the characters A-Z, a-z, 0-9, and some common symbols, but no extended characters. The country/region field must be a two letter ISO 3166 country/region code."; // We start with this variable true since it doesn't do anything // for Netscape anyway. var g_bOkToSubmit=true; var g_bSubmitPending=false; //================================================================ // SUBMIT ROUTINES //---------------------------------------------------------------- // determine what to do when the submit button is pressed function goNext() { if (false==g_bOkToSubmit) { alert(L_StillLoading_ErrorMessage); return false; } else if (true==g_bSubmitPending) { // ignore this, as there is UI already. return false; } else { return SubmitRequest(); } } //---------------------------------------------------------------- // check for invalid characters var gc_IA5Chars=" !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKMLNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~" function isValidIA5String(sSource) { var nIndex; for (nIndex=sSource.length-1; nIndex>=0; nIndex--) { //if (sSource.charCodeAt(nIndex)>127) { // NOTE: this is better, but not compatible with old browsers. if (-1==gc_IA5Chars.indexOf(sSource.charAt(nIndex))) { return false; } }; return true; } //---------------------------------------------------------------- // check for invalid characters function isValidCountryField(tbCountry) { tbCountry.value=tbCountry.value.toUpperCase(); var sSource=tbCountry.value; var nIndex, ch; if (0!=sSource.length && 2!=sSource.length) { return false; } for (nIndex=sSource.length-1; nIndex>=0; nIndex--) { ch=sSource.charAt(nIndex) if (ch<"A" || ch>"Z") { return false; } }; return true; } //---------------------------------------------------------------- // set a label to normal style function markLabelNormal(spn) { } //---------------------------------------------------------------- // set a label to error state function markLabelError(spn) { } //---------------------------------------------------------------- // check that the form has data in it function validateRequest() { // work around for NN: label marking does nothing var spnNameLabel, spnEmailLabel, spnCompanyLabel, spnDepartmentLabel, spnCityLabel, spnStateLabel, spnCountryLabel; markLabelNormal(spnNameLabel); markLabelNormal(spnEmailLabel); markLabelNormal(spnCompanyLabel); markLabelNormal(spnDepartmentLabel); markLabelNormal(spnCityLabel); markLabelNormal(spnStateLabel); markLabelNormal(spnCountryLabel); var bOK=true; var fldFocusMe=null; // check in 'reverse' order so that focus gets set to last item // don't set focus immediately because we'd get funny scrolling effects. if (false==isValidCountryField(document.UIForm.tbCountry)) { bOK=false; fldFocusMe=document.UIForm.tbCountry; markLabelError(spnCountryLabel); } // document.UIForm.tbState.value OK // document.UIForm.tbLocality.value OK // document.UIForm.tbOrgUnit.value OK // document.UIForm.tbOrg.value OK if (false==isValidIA5String(document.UIForm.tbEmail.value) ) { bOK=false; fldFocusMe=document.UIForm.tbEmail; markLabelError(spnEmailLabel); } if (""==document.UIForm.tbCommonName.value) { bOK=false; fldFocusMe=document.UIForm.tbCommonName; markLabelError(spnNameLabel); } if (false==bOK) { alert (L_BadChars_ErrorMessage); fldFocusMe.focus(); } return bOK; } //---------------------------------------------------------------- // NN SPECIFIC: function SubmitRequest() { // check that the form is filled in //if (false==validateRequest()) { // return false; //} ShowTransientMessage(L_Generating_Message); // set defaults for values we need on install var sAttrib="challenge: provePequalsNP\r\n"; if (""!=document.UIForm.tbCountry.value) { sAttrib+= "country: "+document.UIForm.tbCountry.value +"\r\n"; } if (""!=document.UIForm.tbState.value) { sAttrib+= "state: "+document.UIForm.tbState.value +"\r\n"; } if (""!=document.UIForm.tbLocality.value) { sAttrib+= "locality: "+document.UIForm.tbLocality.value +"\r\n"; } if (""!=document.UIForm.tbOrg.value) { sAttrib+= "org: "+document.UIForm.tbOrg.value +"\r\n"; } if (""!=document.UIForm.tbOrgUnit.value) { sAttrib+= "orgunit: "+document.UIForm.tbOrgUnit.value +"\r\n"; } if (""!=document.UIForm.tbEmail.value) { sAttrib+= "email: "+document.UIForm.tbEmail.value +"\r\n"; } if (""!=document.UIForm.tbCommonName.value) { sAttrib+="commonname: "+document.UIForm.tbCommonName.value+"\r\n"; } sAttrib+="CertificateUsage: 1.3.6.1.5.5.7.3.2\r\n"; sAttrib+="UserAgentString: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/533.3+ (KHTML, like Gecko) Version/4.0.5 Safari/531.22.7\r\n"; document.SubmittedData.CertAttrib.value=sAttrib; document.SubmittedData.TargetStoreFlags.value=0; // 0=Use default (=user store), but ignored by Netscape document.SubmittedData.SaveCert.value="no"; document.SubmittedData.Mode.value="newreq NN"; document.SubmittedData.FriendlyType.value="Web Browser Certificate"; // append the local date to the type document.SubmittedData.FriendlyType.value+=" ("+(new Date()).toLocaleString()+")"; // keygen and submit return true; } </script> </div> </td> </tr> <tr> <td colspan="3" align="center"><span class="11tahoma">29/3/2010 &nbsp;&nbsp;Copyright, &nbsp;&nbsp; FBB - First Business Bank S.A.</span></td> </tr> <tr align="center" class="footerbg"> <td colspan="3" class="link"> <a href="javascript:popUp2('faq.asp?lang=EN','specs','790','478',0)">&nbsp;Information&nbsp;</a>&nbsp;&nbsp; <a href="javascript:popUp2('sysreq.asp?lang=EN','specs','790','478',0)">&nbsp;System Requirements&nbsp;</a>&nbsp;&nbsp; <a href="javascript:popUp2('securityinfo.asp?lang=EN','specs','790','478',0)">&nbsp;Security&nbsp;</a>&nbsp;&nbsp; <a href="javascript:popUp2('contact.asp?lang=EN','specs','790','478',0)">&nbsp;Contact us&nbsp;</a>&nbsp;&nbsp; <a href="javascript:popUp2('feedback.asp?lang=EN','feedback','450','370',0)">&nbsp;Feedback&nbsp;</a> </td></tr> </tbody></table> </td> </tr> </tbody></table> </body> Notes: Gecko does not render the content either. Internet Explorer 8 on Windows renders it fine.