Lodi 291 online casino games gameplay download,Velocity of bouncing ball.Recharge Every day and Get Bonus up-to 50%!

Resolved feedmeastraycat
(@feedmeastraycat)

2 years, 11 months ago
Hey,

I tried searching but I couldnt find anything.

It seems the js matcher for iframe domains always adds a trailing slash. So if I add https://example.com as my approved URL it matches it against https://example.com/.

But I have an iframe that is dynamically loaded using js and the src is something like https://example.com?_=0.3833552471334518&ref=&language=

If I add https://example.com I get no errors in the console of blocked content. But I still get the plugin error screen covering the iframe. (The iframe is loaded behind it).

If I add https://example.com* I get errors from Safari saying "The source list for Content Security Policy directive 'frame-src' contains an invalid source: 'https://theiframedomain.com*'. It will be ignored.", the content is blocked, but I don’t get the plugin error covering the frame.

Is there someway to get around this? The only workaround I have now is to add https://* to allow all domains. That seems to do the trick. It doesnt give me any errors in Safari, and I dont get the js er

The embedding is from workbuster (.com) and I dont think I can get them to change the iframe URL to something not dynamic.

Is there some way to fix this? ??

Regards,
David
- This topic was modified 2 years, 11 months ago by feedmeastraycat.
- This topic was modified 2 years, 11 months ago by feedmeastraycat.

Viewing 7 replies - 1 through 7 (of 7 total)

Thread Starter feedmeastraycat
(@feedmeastraycat)

2 years, 11 months ago
Just did this quick and dirty test by removing:
iframeHostname = cookiesAndContentPolicyTrailingSlash(iframeHostname);
and:
domainRule = cookiesAndContentPolicyTrailingSlash(domainRule);

And then changing this:
```
function cookiesAndContentPolicyGetHostname(url) {
	if (url) {
	    var m = url.match(/^(?:http:\/\/|www\.|https:\/\/|\/\/)([^\/]+)+/);
	    return m ? m[0].split("?")[0] : null;
    }
}
```
So it compares without adding a trailing slash and spliting at “?” and removing whatever after for the compare. And that matches fine. And it gives me no browser errors.

But I have to add https://example.com as the trusted domain.

If I add it with a trailing slash browser approves it but now the js doesnt match and gives me the error overlay again.

Anyway. Not sure this is a patch you want to do though. You might have reasons. ?? But let me know once you have had a look. I have to run with my “allow all domains” hack for a bit. But I dont think we can remove workbuster so I might have to switch cookie plugin if this is not something that can be fixed in the plugin.

/D
Plugin Author Johan Jonk Stenstr?m
(@jonkastonka)

2 years, 11 months ago

I’ll take a look at is. But can you try to add a trailing slash to the iframe like https://example.com/?_=0.3833552471334518&ref=&language= instead?
Thread Starter feedmeastraycat
(@feedmeastraycat)

2 years, 11 months ago
@jonkastonka Thanks!

The URL of the iframe is decided by some js embed code. Its like a widget. I paste a div and a script tag from workbuster and the js creates and loads the iframe.

I did a bunch of tests and wrote a long piece of text here but it boils down to the missing / in the iframe src.

The JS widget I include creates an iframe where the src is //x.workbuster.com?_[...].

The only issue here is the missing “/” in the end before “?”. If I hard code the iframe and add “/” it works.

So this iframe works:
<iframe src="//x.workbuster.com/?_=0.1965608425166907&ref=&language=">

But this does not:
<iframe src="//x.workbuster.com?_=0.1965608425166907&ref=&language=">

Both is approved by Safari by adding https://x.workbuster.com as my approved domain. But the second one is not approved by the plugin js so I get the error overlay.
- This reply was modified 2 years, 11 months ago by feedmeastraycat.
Plugin Author Johan Jonk Stenstr?m
(@jonkastonka)

2 years, 11 months ago

Allright. I will take a look at this in a near future.

Thread Starter feedmeastraycat
(@feedmeastraycat)

2 years, 11 months ago

Tack! ??

Plugin Author Johan Jonk Stenstr?m
(@jonkastonka)

2 years, 10 months ago

Try the latest update (1.99)

Thread Starter feedmeastraycat
(@feedmeastraycat)

2 years, 9 months ago

@jonkastonka Sorry for the late response here. I just got around to test it and it does seem to work now!

If you wanna see you can look here:
https://swedishcommittee.org/about/vacanciesafghanstaff/

There is an frame there which is blocked unless you accept “experience” (or all) cookies.

Tack!

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘Iframe URLs that does not end with “/”’ is closed to new replies.