I have a problem with Google Chrome 16 on one of the sites I'm supporting that I can't fix couple a days now.
The site is using forms authentication. There is a hyperlink that when clicked is calling a web handler, that is supposed to go fetch a PDF file. Everything is working great in all browsers except in Google Chrome.
When I click that link in Chrome it gives me 401 - Unauthorized: Access is denied due to invalid credentials.. I've checked the request headers and the only difference I can see is that the authentication cookie is not present in the request made by Chrome 16. The strange thing is that everything is working great on the local machine, but once uploaded to the production server chrome is not sending that cookie.
I've implemented IReadOnlySessionState interface in the web handler, as suggested here and there in forums, but this didn't solve the issue.
Does any of you have an idea why chrome is acting like that?
To check your cookie acceptance:
Click the wrench icon (Top Right)
Click "Options"
Click "Under the Hood"
Click "Content Settings"
Make sure that "Block third-party cookies from being set" isn't
checked.
That was what fixed the issue on the site I was on. You can also see a special icon in the address bar on the right when it blocks a cookie.
For more precision there is a "Manage Exceptions" button under cookies in the Content Settings. You can use that to specifically allow the site in question.
Related
I am using sitefinity 11 Trial version. I have come across a very strange issue.
I am trying to use Content -> Blogs section, when I click that option in menu, I am redirected to "Sitefinity/adminapp/content/blogs" page. Where it keeps loading, after a while it reloads the page not URL becomes "Sitefinity/adminapp/" then after some time URL becomes "/Sitefinity/adminapp/auth/oidc/sign-in#id_token=XXXXXsomevalue" then it keeps reloading there for always.
I have tried to "switch new interface" on/off but that didn't help either.
I also have created a Dynamic Module but same problem with that too.
I searched about this issue but no help. I also came across the link but this was about customising the Admin backend screens.
Please guide me the right path.
Thanks
Very strange, I opened the sitfinity admin section in Internet Explorer. there I got the message that this browser is not supported, please switch to Classic mode. I again set the "switch new interface" to off in IE.
And I am able to access the Manage screens.
Then I cleared the browsing history on Chrome, re login into sitefinity admin section unselected the "Remember me" checkbox. And I can use the screens in chrome also.
Another thing to check is what type of authentication mode you are using. (In Administration > Settings > Advanced > Security, the AuthenticationMode drop-down). Along with IE not being supported by the new Interface (which Edge, Chrome and Firefox are), the new interface also works best with Claims Authentication, which is Sitefinity's preferred authentication mode. We found that when we switched from Forms Authentication to Claims that we had some similar functionality back even while in the new interface. (Note that in Claims Authentication you'll use a different URL for logging in: https://sitename/Sitefinity instead of https:/sitename/Sitefinity/login with Forms Authentication).
I created a Vaadin (8.2.0) web app in Netbeans and uploaded it on a Glassfish (4.1) server. I can access the app's home page in Edge and Firefox, however in Chrome I get this message:
Cookies disabled
This application requires cookies to function. Please
enable cookies in your browser and click here or press ESC to try
again.
I double checked my chrome settings and know that cookies are allowed. I even added the server specifically in the allowed list.
What do think is missing?
As Artur Signell mentioned in the comments, the solution was to simply clear all the cached cookies in the Chrome web browser. After that, the app just worked fine and I didn't get that error.
I was having the same problem. I noticed that switching to HTTPS lead to these errors not occurring. The same site would throw this error when I accessed it via HTTP, but if I went to the site via HTTPS, then the problem did not occur.
I have a mvc4 web app that sits behind ADFS 2.0 authentication, it's configured using the web.config file. The application can be visited by going directly to a URL or as an iframe inside of CRM 2013.
The application works in all (tested) browsers when visiting the URL directly, both redirection to login form and handing the user back to the web app with the proper information in the ClaimsIdentity.
However, when visiting the app as an iframe inside CRM2013, internet explorer goes into a continous login loop. You are asked to provide the credentials (which are the same as for logging in to CRM) and when you click ok you get redirected back to the same login page again, to my knowledge the app never receives the hand off.
In Safari, Chrome, Firefox, and Opera the users are able to log into the application inside of CRM as well as outside without any problems (I'd even go as far as saying that it works better than expected for these browsers).
Does anyone have any idea of what I can try or what the problem could be for IE?
EDIT 1
I'm thinking it has to do with some security setting and am playing around with the settings in IE. Unchecking this box stops the login form from showing in IE at all and I get an empty page instead.
Is the iFrame on the same (sub)domain as the site inside? You can use Fiddler to view your redirect flow, are the cookies added as expected?
I've seen cookies that are overridden by the iFrame host, in that case you lose the auth cookie. Browsers react differently on same domain cookies.
Another problem might be X-Frame-Options, do you see any warning in the F12 console of IE?
We are developing a web application in asp.net and HTML5 (+ offline feature) and we are using “Add to desktop” button to create the desktop application.
Before access main screen, we have a windows authentication screen, so people can connect using their domain credentials.
In safari, we have almost no problem. It's the expected behavior when we are online. For the offline mode, safari needs to keep an active tab with the website loaded to allow offline access to it, otherwise safari does not find website – even if it’s cached with cache manifest...
In the desktop application (using “Add to desktop” button), the authentication popup on the main page does not appears. When I trace the HTTP requests, I can see 2 requests with a return status of 401. When I look into the logs, safari sandbox throw an exception (twice tries then abort operation)... The screen remains blank.
any ideas anyone or any fix is planned to correct this problem ?
Thanks in advance for any advices.
It's a problem with iOS 7. Windows Authentication only works in "Private Mode" or in another browser such as Chrome or Puffin. However, there isn't a workaround currently available to save an app to the home screen. Here's a thread on the Apple forums about this same issue:
https://discussions.apple.com/thread/5327078?start=60&tstart=0
The new iOS 7.03 fixes this issue.
My implementation of Facebook Connect (just a simple login button, fb:login-button) works perfectly on Firefox and IE.
But the same button is not showing up in Safari/Chrome (Webkit).
Here's what's ironic. In my debugging effort, I saved the page (that contains fb:login-button) up as a static page and then load it in Safari. And the button shows up, everything works!
The exact same page (with the exact same HTML source) rendered by my PHP has no way for bringing up the button.
I'm trying hard to support Webkit here but I'm close to giving up. Can anybody help?
I found one more way this can occur (the blame-myself-for-being-stupid way); it's probably not common, but in the event is saves anyone else the hassle, here it is:
This symptom can also be caused by various security tools blocking facebook resources.
In my case, I'd installed Facebook Disconnect ages ago in Chrome as a plugin and forgotten all about it being installed. I also had a second installation of Chrome that was seemingly identical (but did not have Facebook Disconnect). The first would properly load the fb:login-button, and the other would not; took me ages before I looked at the plugins, because Facebook Disconnect didn't have an icon and so its presence was pretty easy for me to miss.
Here's what you'll see if some sort of security plugin is preventing facebook resources from loading. Just look at the html that renders in the browser using developer tools.
In a normal chrome session you'll end up with something like this:
<fb:login-button><a class="fb_button fb_button_medium"><span class="fb_button_text">Your text here</span></a></fb:login-button>
But in the version with facebook's resources disabled you'll end up with this:
<fb:login-button>Your text here</fb:login-button>
Like I said, pretty obvious in retrospect.
Had the same problem but it was not related to anything like a plugin or malformed content. It seems if you enable country filtering on your facebook page it has an issue with the like button, this should be fairly obvious. Facebook gets your location from your profile and not your IP address.
Make sure to disable country locking if you plan on using the social plugins.
This can be due to having ClickToFlash installed. Either disable it, or check "Automatically load invisible Flash views" in the ClickToFlash settings.
What we found out is that Safari (and maybe some older versions of Chrome or other WebKIT browsers) have a problem with Facebook's code using the innerHTML JS function if your page arrives with an XHTML response header (application/xhtml+xml).
Using text/html solves the issue.
In case of JSF2, which we use, the implementing the fix was as simple as wrapping the FB button like this:
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com/2008/fbml"
xmlns:f="http://java.sun.com/jsf/core">
...
<f:view contentType="text/html">
<fb:login-button>Login using Facebook</fb:login-button>
</f:view>
Facebook bug report here:
http://bugs.developers.facebook.net/show_bug.cgi?id=5545
I had this problem with the Facebook button not showing at all and it took me forever to figure out what it was. Luckily after days of hair pulling I will now share the answer with everyone. In my situation I simply didn't have xfbml enabled. In my FB.init I had it set to false:
FB.init({
appId : 'app_id', // App ID
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : false, // parse XFBML
oauth : true // enable OAuth 2.0
});
I changed this to "true" (xfbml) and the login buttons works great now! :P Good luck!
This happened when I had the wrong domain in callback_url in config/facebooker.yml. Apparently it uses that to load the js files.
I had the same problem but I resolved it by making sure the URL in my app settings was exactly the same as the one for my site (i.e. it didn't work when I accessed my site without the www.).
I have tried every suggested solution here and it didn't work for me. But now I finally found the solution.
Facebook requires now a secured (https) for Canvas (Secure Canvas URL). The unsecured one will be deprecated soon.
Here is the main difference, Chrome doesn't like https connections with invalid certifications. On a localhost, it is very likely you have stunnel installed to allow https connection for the localhost. Firefox is ok with the self created SSL certificate and allows you to add an exception when trying to access that site. Chrome doesn't allow it out of the box.
When I load my app in Chrome the page is blank and I dont see any login button.
Click F12 and click the Netwrok tab in Chrome:
You see that the post request to your localhost is cancelled. DOUBLE Click on it.
Now you would see that chrome is blocking the localhost because of the certificate:
click on proceed anyway.
Now to back to your other tab and reload the page:
Chrome works now like Firefox and shows the login button.