I saw your comment on my blog about my RSH redo and realized that you wrote for Agile Ajax. I thought it appropriate to answer your question here:

“Did you find a way around this problem (the issue with replacing document.write with standard DOM methods), or were you only testing your solution while staying within your own app?”

No, I did not find a solution. It had slipped my mind to try to leave the site and come back and, yes, it is broken with my method. I have also, been debugging forward button issues in IE, which are probably related to this. Let me know if you ever find a way around it.

Also, a warning. If you modeled your IFRAME creation after me, it will error in IE 6 on SSL servers:

iframe = getBodyElement().appendChild(document.createElement(’iframe’));
iframe.id = ‘DhtmlHistoryFrame’;
iframe.name = ‘DhtmlHistoryFrame’;
iframe.src = ‘blank.html?’ + initialHash;
iframe.style.border = ‘0px’;
iframe.style.bottom = ‘0px’;
iframe.style.height = ‘1px’;
iframe.style.position = ‘absolute’;
iframe.style.right = ‘0px’;
iframe.style.visibility = ‘visible’;
iframe.style.width = ‘1px’;

The problem is that the IFRAME is appended to the document with an empty SRC attribute, which IE treats as coming from a non-secure source. To fix this move the append to the end; I changed:

iframe = document.appendChild(document.createElement(’iframe’));

to:

iframe = document.createElement(’iframe’);

and added to the end of the code block:

getBodyElement().appendChild(iframe);

the “getBodyElement” function is just an X-Browser method I use to find the body tag.

Thanks for all your hard work.