Lightning embed iframe from another website - salesforce

I'm trying to build a simple component to display a web page inside a Lightning component. This is my starting code.
<aura:component implements="force:appHostable">
<iframe width="100%" height="350px" style="border: 1px solid" src="https://trailhead.salesforce.com/en/content/learn/trails/wave_analytics_apps" />
</aura:component>
Then I was going to embed this into a Lightning Component using iframe. Is there any way to make it work? I've checked ClickJack by disabling it. I've created records in Remote Site Settings, CORS, and CSP Trusted Sites. I still get this error.

It's not you, it's them. The hint is in "{target} refused to connect". I don't know what you did to your Chrome error console but the error should be in there.
Refused to frame 'https://trailhead.salesforce.com/' because an
ancestor violates the following Content Security Policy directive:
"frame-ancestors 'none'".
https://en.wikipedia.org/wiki/Content_Security_Policy
that trailhead page doesn't allow to be embedded anywhere else, not even on pages from same subdomain. Your component will work fine if you use src="https://example.com". Generally you'd need to talk with the target website's owner to whitelist your SF (internal mydomain and/or community, depends what exactly you want to do with it)

my friend. i have the same problem recently. So, I resolved temporary disabled the flags of chrome that implements the news features, the flags will be default only 84 version of chrome, but you can win this question quickly, do this:
1 - go to chrome://flags/ into url of chrome.
2 - disabled the flags below:
- SameSite by default cookies = disabled
- Enable removing SameSite=None cookies = disabled
- Cookies without SameSite must be secure = disabled
3 - click on Relaunch.
For you resolved definitly in saleforce, you can ask to the own (page embeded), that implement in your cookie same values in cookie them:
- On the cookie set values to:
- secure = Yes
- SameSite = NONE.
For me resolved good.
But if you need get a event by iframe using component Aura, tell me here and i give and post more information.

Related

Salesforce: Visualforce pages not working anymore because of certificate error

I have a dev box running with a namespace and just added a demo visualforce page named "test" and just clicked on "Preview". It is ending up with a certificate error on my browser.
The URL salesforce tries to open is https://myinstance-dev-dev--mynamespace.visualforce.com/apex/test
The certificate being provided by this domain is for "viv1.force.com". That is why my browser is blocking it.
Any idea why this is happening? My visualforce pages were working on the dev box, but now suddenly end up with this error.
Strange solution. Had to check "Critical updates" on setup, and DEACTIVATED the setting "Stabilize URLs for Visualforce, Experience Builder, Site.com Studio, and Content Files". Now it is working again.
I assume for some reason this stabilization missed to change the used certificate behind visualforce pages. Deactivating above option fixed it.

Error on clicking the LinkedIn Share Button on IE/Edge

I am using the below Share Plugin of LinkedIn in my ReactJS app:
<script src="https://platform.linkedin.com/in.js" type="text/javascript">lang: en_US</script>
<script type="IN/Share" data-url="https://www.linkedin.com"></script>
From LinkedIn Docs: https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/plugins/share-plugin
It is working completely fine on Chrome/Firefox/Safari. But, on clicking the LinkedIn Share button (generated by the above scripts), the LinkedIn Share Popup appears and I get an error in my app console which says:
[object Error]: {description: "[Messenger] Required property 'target'
was not provided", message: "[Messenger] Required property 'target'
was not provided", nr#seenError: true, stack: "Error: [Messenger]
Required property 'target' was not provided at Anonymous function
(https://platform.linkedin.com/xdoor/scripts/in.js:7:55143) at
Array.prototype.forEach (native code) at t
(https://platform.linkedin.com/xdoor/scripts/in.js:7:54936) at e
(https://platform.linkedin.com/xdoor/scripts/in.js:7:56462) at e
(https://platform.linkedin.com/xdoor/scripts/in.js:7:34661) at value
(https://platform.linkedin.com/xdoor/scripts/in.js:18:23834) at s
(https://platform.linkedin.com/xdoor/scripts/in.js:18:38221) at
nrWrapper
([MY_SITE_LINK_ADDRESS]:9:16587)"}
Note: I hid the [MY_SITE_LINK_ADDRESS].
The problem here seems to be that you're relying on the plugin's JS, CSS, and HTML to handle every browser. Take a look: Here's someone else posting in 2018 having the same exact problem, Issue on IE with LinkedIn Share plugin. And, officially from LinkedIn, if you want this plugin to work, you need to ask your users to do this:
Open Internet Explorer.
Click Tools and select Compatibility View Settings.
Uncheck the box next to "Display all websites in compatibility view".
Click Close.
Is it reasonable to ask your users to reconfigure their browser just to be able to click one, single button on your website? Answer: No.
You don't need to rely on the LinkedIn Share Plugin. All you really ought to need is...
https://www.linkedin.com/sharing/share-offsite/?url={url}
Then making sure it works cross-browser is in your hands.
Source: Microsoft LinkedIn Share URL Documentation.
Sure, everyone says: Don't Reinvent the Wheel! I totally agree! But when you find a car that has square, cubic wheels, then maybe you want to reconsider!
If you are interested in a regularly maintained GitHub project that keeps track of this so you don't have to, check it out! Social Share URLs

Why am I getting a 'Failed to find a valid digest ' error?

In my reactapp created by create-react-app I suddenly have an error in chrome when I try to run my app:
Failed to find a valid digest in the 'integrity' attribute for resource 'http://localhost:3000/static/js/0.chunk.js' with computed
SHA-256 integrity 'hW0einVybma+FCDLYbayWASTmGI9JBE1dkrmPvDzJXQ='. The
resource has been blocked.
However in IE it works fine. All I did was changing a label on a Button component. How can I avoid this error on chrome?
It sounds like the feature is simply doing what it's intended to do.
Do you have compression enabled in your Chrome for Android browser?
Google may be minifiying your CSS before sending it to your phone causing the signature to be invalid.
SSL prevents this from happening. Maybe we should look for https in PUBLIC_URL and toggle this feature based on that.
https://developer.chrome.com/multidevice/data-compression

HTTP images over HTTPS using angularjs

whenever I visit my angularjs based website that loads images (http images on a https server) I get warnings in the console saying that mixed content has been blocked. And those images do not show up
It is not my browser because it happens on other browsers too and on other systems, it is not the server, because another website that does not use angularjs works fine. So I think it is related to angularjs.
I already did this:
$sceDelegateProvider.resourceUrlWhitelist([
'self',
'http://images.RESOURCE.net/*'
]);
but it does not do anything. Moreover I tried loading them over a protocol-less url so //images.RESOURCE.net
This causes them to be loaded over https but then the server identify of the image server could not be validated and it also does not work.
Is there anyone who can determine the actual problem, is it angularjs and can angularjs fix it? It is almost impossible to remove angularjs from the project at the current state.
Thanks
-xCoder
This is not a limitation of Angular. Modern browsers block the loading of mixed (http) content over a secure (https) connection. This can be addressed by adjusting settings in your browser of choice.
Enabling Mixed Content by Browser:
IE: http://wiki.sln.suny.edu/display/SLNKB/Enabling+mixed+content+in+Internet+Explorer
Firefox: http://wiki.sln.suny.edu/display/SLNKB/Enabling+mixed+content+in+Mozilla+Firefox
Chrome: http://wiki.sln.suny.edu/display/SLNKB/Enabling+mixed+content+in+Google+Chrome

How to get button Response/Request URLs in QTP?

How do I get Response/Request URLs (which are shown in F12 Developer tools - Network Tab) using QTP 11? Based on these URLs, I need to perform certain action in my application. Is there any alternate solution to get those URLs?
Scenario: Open IE browser and navigate to a URL, Press F12, Go to 'Network' tab. Click on 'Start Capturing' button. Now click on any button or link on the page, you will get a set of URLs in the Developer Tool (F12).
Firstly, do you need all of the URL requests generated from a button and/or link click? Remember that what you get from the "Network" tab in the developer tools also include URL's for fetching e.g. Javascript and CSS in addition to, for instance a GET request to an external API.
I'll try an provide you with an alternative approach. If what you are really requiring is the URL associated with each interactive element, then you should be able to get that by using the GetROProperty method like so:
strURL = Browser("YourBrowser").Page("MainPage").WebButton("aButton").GetROProperty("href")
A more generic script for fetching e.g. all the "href" properties for all the links on a page may be found in the following post: (HP QuickTest) How do I get HTTP status using QuickTest?.
Hope this helps.
UPDATE: With regards to your question regarding fetching of the URL's from the IE developer tools; As far as I know there is no way to fetch them from this view by using QTP.

Resources