In my dev environment, for security reasons, my wp-admin folder is protected by basic authentication with htpasswd.
When i'm logged in the admin area (after passing Basic Authentication and Wordpress Login), wordpress tries to load several scripts by ajax with its load-scripts.php service but the script returns a 403 http error (forbidden) because of the Basic Authentication wall.
I've done some researches with no luck about how to solve this issue. Does anyone have any ideas or previous experience with this?
Ok I just fixed my problem. So good to know for anyone will get the same issue.
The solution is to disable the "CONCATENATE_SCRIPT" feature, enabled by default, by adding the following line to your wp-config.php
define('CONCATENATE_SCRIPTS', false);
Now the scripts don't get load by ajax but printed straight to the html page and everything works fine.
I think, although the page loading will be a bit slower than before as it will wait for all the scripts to be loaded, it's a good compromise if we want to add a bit more security to our admin area.
Where is the script inclusion located?
A the head or on the bottom?
The problem may come from the location .
If you can insert some code where you have tried.
Related
I'm trying to integrate PayPal Buttons with PayPal SDK on my FrontEnd. The SDK is loaded from
//www.paypal.com/sdk/js?client-id=<My-SandBox-Client-Id>
The script is loading correctly and when I do render buttons into my page it looks good as well. But there are 3 problems:
Loading animation points are still hang at the bottom of the buttons:
In developer tools I can see the broken request (400) which says:
Invalid sdk meta: eyJ1cmwiOiIvL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWYtd0RUQlhVSjBFVE9hWWl6eXFVNDdPbVdxc0tvYmNpOVM1RzQya2FfR1RBeTZSR1pZNU1MUVBEdkw4VWJ0amx4QlJxdXMzWFBPNGUxWGEiLCJzdGFnZUhvc3QiOm51bGwsImFwaVN0YWdlSG9zdCI6bnVsbH0
Request is going to:
https://www.sandbox.paypal.com/smart/buttons?{private data}
When clicking on any button, there is only spinning animation without loading any further data. No error message is provided.
I followed these integration guide: https://developer.paypal.com/docs/checkout/integrate/#2-add-the-paypal-script-to-your-web-page
I have also found the same question without any answer on PayPal Community page:
https://www.paypal-community.com/t5/Merchant-services-Archive/Invalid-sdk-meta/m-p/1831011
I am wondering why PayPal doesn't help with integration on own community pages, and hope somebody here can help me to find out what is could be wrong.
Found the solution: make sure you are including script from https://. Otherwise by loading from http:// script becomes a redirect to https:// and this runs in the described error above. So the correct link to the script is:
https://www.paypal.com/sdk/js?client-id=<My-SandBox-Client-Id>
Hopes it may help someone facing the same problem.
Ok so i've been pulling my hair out for 2 days over this no doubt simple problem.
I'm using their JS SDK, I have created an app, hosted the callback html file, both redirect_uri fields are correctly populated. When I then call the SC.connect the popup loads, I accept permission... then nothing happens. The popup never closes and my authentication is not returned to the original page. I have done everything as they have said in their developer docs. I have checked out their demo pages which work, I have analysed the code, I have even copied to code exactly and run it on my site, same damn problem. Only thing I can think is that it has something to do with the callback.html file. Am I supposed to put code in there to return back to my site after auth? (if so they kept quiet about this in the docs) I checked out the soundcloud version of the callback.html file, there's contains nothing but a link to the sdk.js file? Which I even tried but no matter what I do I can't seem to get the popup to close after auth.
Any ideas guys?
And yes, I'm fairly new to using apis
In Soundcloud's sample callback.html, the code:
<body onload="window.opener.setTimeout(window.opener.SC.connectCallback, 1)">
must be altered to:
<body onload="window.setTimeout(window.opener.SC.connectCallback, 1)">
This allows the popup to close properly and completes the login flow for the client side javascript SDK. Application settings must be correctly configured to the same domain (localhost or production, but not a mix of the two).
I've created a trivial prototype app on Facebook. When my test script (JavaScript on Ubuntu command line, powered by Node.js) tries to access the app, it produces this error message:
{ error:
{ message: 'Invalid OAuth access token.',
type: 'OAuthException',
code: 190
}
}
So I'm trying to debug using Facebook's lint debugger. However when I paste the app's access token into lint, it responds with:
Failed to get composer template data.
I have no idea what this means, and a lengthy stumble through Google reveals page after page of people who are similarly clueless.
Has anyone seen this error, and fixed it?
Details about the app:
It's configured to ask for read_insights and manage_pages alongside standard permissions. No other permissions are requested.
Settings, Basic: I've had to put a nonexistent URL in the secure canvas URL, since I don't have any SSL hosting anywhere. The non-SSL canvas URL is complete and points to an existing page.
"App Info" is all filled in (apart from Tagline which is optional).
I haven't submitted the app for approval for public use, and there are no "items for approval". I'm going to be the only person who ever uses it, this isn't necessary for this app.
Switching from "live" to "sandbox" and back again doesn't make any difference.
There are no warnings anywhere on the app developer page.
A client I worked for was experiencing a similar issue - when sharing certain URLs on Facebook, the Facebook Sharer wasn't picking up any of the thumbnails. Frustrated with that, the client was trying to clear the Sharer's cache using the debugger at https://developers.facebook.com/tools/debug/, hoping that this way Facebook will re-cache the page and display the corresponding images.
However, in doing so, the client was seeing the ambiguous "Failed to get composer template data." error, and resorted to me for a solution.
I did my research, and it turned out that Facebook had decided to block the domain of the CDN that my client was using to serve images from. Since the pages were loading all images from that CDN, none of the images were getting picked up and the debugger was returning that "Failed to get composer template data." error.
The moment we started serving the images from a new CDN, Facebook started picking them up correctly, and the error disappeared.
Hope that helps you!
P.S. Please note however, this is not a permanent solution if you are violating Facebook's terms in some way. Yes - Facebook's spam prevention algorithms do return false positives sometimes, but most of the time they have a pretty good reason to block your content.
P.P.S. Worth noting, in the case I'm describing, when we passed the CDN URL to the debugger, it returned "This link is blocked, or you have triggered an excessive amount of scrapes. If you think you're seeing this by mistake, please let us know."
I had same error, "Failed to get composer template data.".
I believe my path to Images was blacklisted by Facebook. Workaround was to create virtual path that points to Images folder. Then I could reference /Images with /OGImages virtual directory. Then I no longer received the error.
Had kind of the same problem, I figured out I needed to use HTTPS instead of HTTP for the image link, and everything went fine then.
Hope it may help !
I had just the same problem and it appeared suddenly after several months without any site changes except content. First I thought the Facebook spam filter had blocked our site, as suggested by a Ycombinator comment thread but then I found the real problem.
In fact it was the official Facebook Wordpress plugin that was acting up. Disabling it meant that the Facebook debugger could once again fetch our data and sharing started to work immediately.
In my case is was a "Facebook Share Buttons" plugin for Wordpress. I've deactivated the plugin and resolved the issue.
I am trying to troubleshoot the following issue. A client tried to download a word document and is getting the following error.
Your organization's policies are preventing us from completing this action
for you. For more info, please contact your help desk.
I believe this issue is because of cross-domain javascript. However, the file is being downloaded from a pop-up that doesn't stay on the screen long enough for me to do anything. It is an issue with IE8 / 9.
I can not find which javascript is opening the popup let alone which javascript is being run from within the popup. I am using fiddler to try and view the http requests and that is not helping.
Is there a way for me to debug what is happening within that popup? Is there a way to debug javascript to break on a type of condition being met?
EDIT:
I have tried working on this issue on my local environment and the same issue comes up. The popup appears to first come from the same domain https://company.aj.com, then goes to a different domain https://apps.aj.com and the file is being downloaded from the apps domain.
we are experience since yesterday the "FB is not defined" error, caused by Facebook not serving all.js, which is the core Javascript SDK file.
Looking at the NET tab in Firebug or Chrome developer tools, I can see the get on all.js failing.
After a few page refreshes, it works correctly, then 10 minutes later is again not serving the file.
Is it a Facebook issue? Apparently we have no other network error, and we are not behind a proxy. Anyone else experiencing it? Facebook status page is not reporting any problem, and I cannot find anything recent on Google.
Is it "normal"? like Facebook limiting gets based on some "cap" or anything similar?
I have run into this same issue before. It was something that I could never really pin down but it was believed to be an issue with Facebook. My solution was to grab a copy of all.js and serve it up locally.
Your description sounds like a network issue, but if you are loading the SDK asynchronously and trying the use the FB object before it has fully loaded, it will cause this error and may also stop attempting to load the all.js due to the Javascript error.
To resolve this, put all references to the FB object inside of the window.fbAsyncInit function seen on this page: https://developers.facebook.com/docs/reference/javascript/
This may not be your issue, but that is almost always the solution when I see that error.
You must add the Facebook SDK all.js on the bottom of your page.
Before the Facebook SDK, you must add <div id="fb-root"></div>
After this load, you can call the function FB.
The call of Facebook SDK must be with the document.protocol HTTPS or HTTP.
Good luck !