I've been working on a project where I need to embed Soundcloud songs. Everything works if I try to open the page in Chrome, but in Firefox, it simply shows a gray box with the Soundcloud logo in the center.
I was trying to debug it, and here's what I see in Firebug. When I open the page, it says
TypeError: this.getFlashPlugin(...).match(...) is null
and
Error: Permission denied to access property "href"
I've been searching for it since 2 days now, and I almost came to a conclusion that this can not be fixed, no matter what, then suddenly, a jsfiddle url came up in the search result and I saw soundcloud embeds working fine in both Firefox and Chrome.
Now, here's the original jsfiddle url: http://fiddle.jshell.net/Peeters_William/kpkdnrts/
What I did, was copying the exact same code, including the HTML and Javascript part to a NEW jsfiddle document which can be found here: https://jsfiddle.net/etLwq8kv/
I'm literally clueless: Why is the first fiddle working without any problems and this second one refuses to embed the songs? I believe that I have the exact same copy of the first code and still, it refuses to display..
I have even changed all the settings I saw on the first fiddle such as
CSS panel -> Normalized CSS
HTML panel -> Doctype: HTML5, Body tag:
Javascript panel -> Language: Javascript, Frameworks: No-Libary (pure JS), Load type: onLoad
Still, even if I believe that the two fiddles are the exact copies, why is this second one refusing to work properly?
Thanks in advance and have a great day everyone!
After checking the network for some clues, it became apparent to me that the script wasn't being loaded at all. I started double checking everything and I noticed that the url from the working example did differ from yours not only by the url (https://jsfiddle.net and http://fiddle.jshell.net) but also by the protocol.
In the working example, the protocol was HTTP and so was the Soundcloud's API. However, your example was in a secured connection and the API's address wasn't. Which explains the "Permission denied to access property href message."
Fortunately, Soundcloud provides a secured version of the API. I fixed your example by changing the protocol to HTTPS and it started working.
Change HTTP protocol
http://connect.soundcloud.com/sdk.js
to HTTPS
https://connect.soundcloud.com/sdk.js
Related
This is really, really weird. I developed a site offline using Apache / Strawberry Perl / Firefox. It displays data in object tags as expected, calling data from external sites.
Upload the code to server, and it will display objects where the code is on the same site ... but refuses to "pull" in data from other domains, (which I own)
If you try "http://demo.coadmem.com/members" and click on a circle on the left, a product listing appears, (served from same domain) but the ones from "cbwizard.cristofayre.com" and "cristoafayre.com/poppa" on same page refuse to appear. Yet when I set up a test using YouTube, it loads OK.
I asked the host if there was some sort of "block" that stopped the objects from loading external site, and of course their response was "we can see no problems reported in the error logs".
Also, at "http://coadmem.com/admin", there is another object at the top - which works fine offline, but from server displays a white empty "about" bar!!.
Here are two of the codes I'm using: (the cb-wizard one uses a bit of javascript to select a random keyword; too much to add here, so please view source code. Anyone see a glaring error as to why it won't work online?
<object data="http://www.cristofayre.com/cgi-bin/poppa/banner_ad.pl?u=1:aa00" width=480 height=90></object>
<object style="position:fixed;top:0px;width:100%;height:20px;" width="100%" height="20px" data="http://www.cristofayre.com/cgi-bin/admin_ad.pl?t=w"></object>
I know the scripts work, 'cos if you type the data line into a browser, the correct HTML is displayed; it just refuses to appear when on the server!
I'm wondering if there is some sort of "list" that the host might be applying that allows the majors such as Google / Youtube to be loaded into iframes / objects, but disallows 'minor' sites. (The suport team didn't seem to know anything about such a list)
** I also wondered if the "same-origin" policy is coming into play, but surely it shouldn't as that defeats the whole point of using iframes and objects in the first place.
I was "sort of" right. It wasn't that certain URL's were being blocked, rather that the frames were set up ONLY to show data that originated from the same domain as the browser was set too, (don't ask me how the YouTube iframe circumvented this rule, but there you go!)
As you can see from the above comments, the solution was to create a .htaccess file and use the command "Header always unset X-Frame-Options" which in simple terms (that I can follow) is saying "Whatever the header for the X-Frame-Option is set to, ignore it! and display the data anyway"
Perhaps this might help someone in a similar dilemma. It was certainly baffling as to why the ActiveState / Strawberry Perl version worked OFFLINE, but not online.
I have browsed the web trying to find a solution to this problem, many people have suggested disabling avast plugin, add blocker within chrome extensions yet none of these worked.
the url is https://careers.telstra.com/ you will see half way down next to the facebook feed the twitter feed is empty when using chrome, when I view this in IE, FireFox it displays as I would expect.
I've checked the console log in Firefox and I receive no errors, when I go to chrome on the other hand I see the following:
I personally do not think these are related it any way but I thought I would provide as much information as possible to try and get this fixed.
update Turns out the errors are related to google-cast-sdk instead of silently dumping the errors they have decided to dump them straight in to the console. Read more about it here
I've checked and made sure I'm referencing the correct twitter widget.
We build it as follows as pass it to the page
sb.Append("<div class=\"twitterWidget\"><a class=\"twitter-timeline\" href=\"//twitter.com/telstracareers\" data-widget-id=\"345026269295038465\" data-chrome=\"nofooter noscrollbar transparent\" data-tweet-limit=\"3\">Tweets by #telstracareers</a></div>");
The website runs under https, I have tried the following:
href=\"https://twitter.com/telstracareers\"
href=\"//twitter.com/telstracareers\"
Still have no luck, I'm not sure what else I could try any suggestions?
Thanks
I've recently got an email from Google, saying that they are going to ban my AdSense account because I'm sending Personally Identifiable Information to them with my Google AdSense tag requests. It says that around 1% of requests from my website have a referrer of:
some_user#my_website.com/some/subpage
and they consider some_user#my_website.com to be PII (even though it can be completely made up abcd1234#my_website.com). More on this here: https://support.google.com/adsense/answer/6163366?hl=en .
I never link to this kind of URLs (the only form I use is my_website.com/some/subpage), but I guess my users sometimes enter it manually (since product-wise my website is providing an email service, it may seem reasonable by some logic).
I figured URI of some_user#my_website.com/some/subpage is legal since http basic auth allows for specifying user like this. When I entered it manually to Firefox, some_user# disappears from the location bar but in the Net panel of Firebug I can see all files are indeed requested from some_user#my_website.com/some/subpage and that's how Google sees it too.
I though that as a brute-force solution even something like:
if uri contains '#':
redirect to my_website.com
would do.
I'm using NGINX/UWSGI/Python Paste + JS. I've tried to implement the above condition both on server side and in JS, but my URI always says my_website.com/some/subpage even if I manually put some_user#my_website.com/some/subpage in the browser address bar.
I've also tried configuring basic_auth in NGINX to disallow providing any user but with no effect.
How do I get rid of these requests?
How do I get the FULL URI (with some_user#) in JS? I tried document.URI and window.location.href but they didn't contain the user part...
Apparently presence of user# part in the URI can be detected by examining window.location.href. I haven't noticed it before since window.location.href only contains user# in Webkit-based browsers (e.g. Chrome, Opera, Safari) but not in Firefox!
To resolve the problem I've added a check on that in JS + a JS redirect to an URL without user[:password]#.
Hopefully Google uses the same variable to figure out referrer for the ad requests, so it get PII only from Webkit browsers & fixing it for Webkit suffices. Will keep you posted.
I have a classic ASP web page that used to work... but the network guys have made a lot of changes including moving the app to winodws 2008 server running iis 7.5. We also upgraded to IE 9.
I'm getting a Permission denied error message when I try to click on the following link:
<a href=javascript:window.parent.ElementContent('SearchCriteria','OBJECT=321402.EV806','cmboSearchType','D',false)>
But other links like the following one work just fine:
<a href="javascript:ElementContent('SearchCriteria','OBJECT=321402.EV806', 'cmboSearchType','D',false)">
The difference is that the link that is failing is in an iframe. I noticed on other posts, it makes a difference whether or not the iframe content is coming from another domain.
In my case, it's not. But I am getting data from another server by doing the following...
set objhttp = Server.CreateObject("winhttp.winhttprequest.5.1")
objhttp.open "get", strURL
objhttp.send
and then i change the actual html that i get back ... add some hyperlinks etc. Then i save it to a file on my local server. (saved as *.html files)
Then when my page is loading, i look for the specific html file and load it into the iframe.
I know some group policy options in IE have changed... and i'm looking into those changes. but the fact that one javascript link works makes me wonder whether the problem lies somewhere else...???
any suggestions would be appreciated.
thanks.
You could try with Msxml2.ServerXMLHTTP instead of WinHttp.WinHttpRequest.
See differences between Msxml2.ServerXMLHTTP and WinHttp.WinHttpRequest? for the difference between Msxml2.ServerXMLHTTP.
On this exellent site about ASP you get plenty of codesamples on how to use Msxml2.ServerXMLHTTP which is the most recent of the two:
http://classicasp.aspfaq.com/general/how-do-i-read-the-contents-of-a-remote-web-page.html
About the IE9 issue: connect a pc with an older IE or another browser to test if the browser that is the culprit. Also in IE9 (or better in Firefox/Firebug) use the development tools (F12) and watch the console for errors while the contents of the iFrame load.
Your method to get dynamic pages is not efficient i'm afraid, ASP itself can do that and you could use eg a div instead of an iframe and replace the contents with what you get from the request. I will need to see more code to give better advice.
We have ASP.NET application in which we have used the YUI to generated the popup for user interface. Now when I amd testing the locally isntalled site the popups are comming correctctly withoug any error and also getting displayed correctly on all the browwsers (including IE 7/8/9).
However when the site is exposed on the server and i tried to test it from the outside network the YUI popup's are not getting genrated correclty like if some Javascript or CSS are not getting loaded or are cached. Generally Ctr+F5 does the trick to flush local cache and to fix the issue we have added query parameters xyz.css?v=10 trick. But its not working. Now this issue is showing only on the IE(6/7/8/9) and other browsers are working correctly. To check the issue i again logged into the production box and found that popup is appearing correctly on IE also.
Now i am not having clue how it could possibly happen. Does any one has came across anything like this? What could be the cause of the issue and how to fix it ?
Thanks
As far as I know, IE caches GET responses.
The xyz.css?v=10 trick is used when you want it to use cached CSS but only as long as it is the same version. Whenever you change something in the css you need to change the url (ie xyz.css?v=20).
If you want IE to NEVER use the cached css, you need the URL to look different everytime. you can do that by adding some timestamp to the url.
something like:
xyz.css?v=201201180600123
(201201180600123 is a timestamp)