I am getting an occasional 'XMLHttpRequest cannot load' error while using the cloud 9 cloud hosted development environment.
The full error is 'XMLHttpRequest cannot load https://c9.io/_user_content/authorize?redirect=http%3A%2F%2FprojName-username.c9.io%2Fusers%2Fanswers. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://projName-username.c9.io' is therefore not allowed access.'
The error is inconsistent. It has shown up (and not shown up) on various pages and often my page will work if I just reload it and try the exact same thing again. Is anyone else running into this error on cloud 9 or perhaps my internet connection is just unreliable? I am using the MEAN stack on a micro instance of cloud 9 with 1 GB ram and 10GB storage.
This is a temporary bug that arose as a result of changing the app preview URL from c9.io to c9users.io. The change was made in order to protect users and increase security. A fix will be out for this soon.
In the meantime you can set your application to public (your code will still be private and undiscoverable) by clicking "Share" in the top right and then checking the box next to your application URL.
Update: This bug has now been fixed. Any further issues similar to this should be submitted at https://community.c9.io so they can be addressed properly.
Related
Tasked with a project integrating Google Analytics to charts via the Embed API. I cannot get the demo on the Google site to load, all it shows is white boxes, see attached "embed-api-demo.jpg:"
https://ga-dev-tools.appspot.com/embed-api/interactive-charts/
Similar questions on S.O. relate to developers not getting their code to work - this issue is loading the demo from the Google site.
My environment and tested in:
Ubuntu 18.04 (Unity)
FireFox 65.0 64 bit
Chrome (Chromium) 72.0.3626.96
No special filtering or blocking in the browsers and have conferred with colleagues on Mac and Windows, it loads fine for them. A second Ubuntu user on Mint/Gnome has confirmed, also white boxes.
If it turns out to be an issue with the O.S. I could probably install VirtualBox and struggle through with Windows, but would prefer not to do that (and guessing it should load regardless of platform.)
I have worked with G.A. and the embed API extensively but it has been a few years and a lot has changed, presume I'm starting from scratch.
The debug console reports different errors in FF vs. Chrome. I have not yet dug into a browser setting that may be interfering with loading the demo, that is my next step.
FireFox:
CSI/tbsd_ cb=gapi.loaded_0:620:127
CSI/_tbnd cb=gapi.loaded_0:620:127
Content Security Policy: Ignoring “'unsafe-inline'” within script-src: ‘strict-dynamic’ specified
Content Security Policy: Ignoring “https:” within script-src: ‘strict-dynamic’ specified
Content Security Policy: Ignoring “http:” within script-src: ‘strict-dynamic’ specified
Object { error: {…} }
cb=gapi.loaded_0:106:97
uncaught exception: [object Object]
Chrome (Chromium:) The "opened" error details are quite long but here is the version with the details closed. Saving the log doesn't show this information. see attached "chrome-error-console.jpg."
-> GET https://content.googleapis.com/analytics/v3/management/accountSummaries?max-results=0&_src=embed-api%3Av1 403 cb=gapi.loaded_0:149
-> {error: {..}} cb=gapi.loaded_0:106
-> Uncaught -> {error{...}} cb=gapi.loaded_0:76
-> [Deprecation] chrome.loadTimes() is deprecated, instead use standardized API: Paint Timing. https://www.chromestatus.com/features/5637885046816768. common.js:25
Thank you for any pointers/direction anyone can provide.
embed-api-demo.jpg
chrome-error-console.jpg
Marking solved. What is not clear from the demos is that they only display data linked to your account. You must be logged in to G.A. to see the demos.
This doesn't make a lot of sense to me at this point, if I am a site owner and want to show my visitor a graph of stats, they shouldn't need a G.A. account to see them.
When I visit my own WordPress based website sometimes I am seeing the following error message in Chrome console panel.
Failed to load resource: net::ERR_CONNECTION_CLOSED
Screenshot
As a result the main CSS file is not loading and the website looks messy. Still I can not find the reason but currently I have a very slow internet connection.
However, I want to know whether this is happening for my website visitors as well.
My question is, is there any solution to log this error message displayed in Chrome console panel using Google Analytics or any other error logging tool so that I can analyse how many visitors are seeing the same error?
Thank you.
There are a lot of tools to monitor servers status.
but to install them you need SSH access to your host server - this access is depend on your web-hosting company...
without any more details about your hosting plan i can guess that if you have low and cheap hosting plan - 1 shared CPU and 1 giga RAM - it not good enough for wordpress because wordpress need some moer resources.... and your visitors also see this error somtime - just like you...
I have a Google App Script deployed as a Web application.
It was working normally, until this evening I discovered it would not load in Firefox or Chrome.
In Firefox I am getting this message;
Failed to execute ‘postMessage’ on ‘DOMWindow’: The target origin provided (‘https://n-...-0lu-script.googleusercontent.com’) does not match the recipient window’s origin (‘https://script.google.com’).
Removed part of URL
The app is deployed: (Executing as myself, and is Accessible for anyone, even anonymous).
I thought the issue might be with LastPass as mentioned here, but I have disabled LastPass in both browsers and the issue persists.
I'm not sure if this is a bug or a feature, but web apps starting in Chrome 60 may need to be set to XFameOptionsMode.ALLOWALL. I have a long running web app that just broke. Setting this worked.
XFrame Options Docs
I'm developing a Chrome Extension to add some functionality to Gmail. My problems start when I want to show an Iframe which contains a "non certificated" page (http instead of https). I've tried to publish my page to an IIS 7 server using SSL but the Javascript returns an error because I don't have a SSL certificate.
I've tried to run Chrome with the --allow-running-insecure-content tag, but it isn't work for the javascript security exceptions.
My question is: is it possible to develop without the certificate and buy it later?
Edit: The exact JavaScript error is:
Uncaught SecurityError: Blocked a frame with origin "http://localhost:1851" from accessing a frame with origin "https://mail.google.com". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match.
i think you should upload your project on server, you face some security issues when you try to access from your local host
I've found the solution:
I've run my web application in SSL mode, like they say in this link, without using any certificate. When the javascript error appeared in the console, I just copied the url that causes the error (https://localhost/...) and loaded it in a new tab, ignoring the Chrome security warning. Then I've reloaded the Gmail page and, voilà, works like a champ.
It is necessary to repeat the proccess every time that Chrome is executed.
Today I attempted to browse a new feature recently deployed to our testing environment (NOT LOCAL). After navigating to the new feature I was met with a blank page. Confused, I checked Chrome's console and found an error:
XMLHttpRequest cannot load https://test.mytestsite.com/SomeApplication/api/SomeController/SomeMethod/8?Id=523283&SecondId=1612w3426653.
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://test.mytestsite.com' is therefore not allowed access.
This code makes an ajax call to a WebAPI (on the same domain) to retrieve some information on document.Ready. I understand the error and I'm familiar with it's typical cause. However, this call is being made from within the same domain AND it works for the other developers on my team.
Symptoms:
- Does not work for IE or Chrome/Incognito
- Does work for FireFox
- Works on all browsers for at least 4 other developers on the same domain that I reside on. (Indicating to me that this is an environmental issue)
Possible causes:
- I was doing some CORS research several weeks ago and perhaps I configured some Windows 7 setting to cause this to happen?
Google is saturated with the standard CORS issues, so I'm asking here and hopefully someone can help.
The issue at hand was due to inconsistencies between environments.
In our production environment SSL is enforced with a redirect in IIS, while in our testing environment it is not. I was navigating to the site via a bookmark using http. Updating the bookmark, as #epascarello suggested, fixed the problem.