[SOLVED] FAQ 6.0.16 information not visible

[JDavis]

I have just installed the latest otrs 6.0.16 version on Ubuntu 18.04 and migrated all my data from my old otrs windows version 3. I have the site and otrs all working except since I setup the server and otrs to use https I can no longer view the data that is in the FAQ (solution / problem and etcetera panels). I see the message:

"This content cannot be displayed in a frame. To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame."

I tried toggling the setting in admin::frontend::Base::DisableIFrameOriginRestricted on and off but that has not really helped. If I enable this setting I no longer see the error message but no text gets displayed in any of the panels.

Does anyone know how to make this work? Did I miss setting something?

faqerror.PNG

[root]

Hi,

Please provide the Request and Response header from a browser console.

- Roy

[JDavis]

I am not sure if this is what you want to see. This is the browser console information from 2 different browsers.

Browser 1
DOM7011: The code on this page disabled back and forward caching. For more information, see: http://go.microsoft.com/fwlink/?LinkID=291337
File: index.pl
HTML1300: Navigation occurred.
File: index.pl
DOM7011: The code on this page disabled back and forward caching. For more information, see: http://go.microsoft.com/fwlink/?LinkID=291337
File: index.pl
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/ErrorPageTemplate.css
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SCRIPT5: Access is denied.

File: CommonJS_67a67e2e57aa1d876751ac396edf7364.js, Line: 1, Column: 27415

Browser 2
Unhandled rejection: OpenFailedError: InvalidStateError A mutation operation was attempted on a database that did not allow mutations.
create@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:262724
s/<@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:254088
st/<@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:239717
Ye@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:234980
He@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:235459
Ne@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:235315
background.js:33:240268
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Promise rejected after context unloaded: Promised response from onMessage listener went out of scope
page_performance.js:25
Unchecked lastError value: Error: Promised response from onMessage listener went out of scope page_performance.js:25

[root]

Hi Jeffrey,

what's your current setting of the SystemConfiguration DisableIFrameOriginRestricted?

In addition to his I would check if there is the HTTP header X-Frame-Options set in the web server configuration.

- Roy

[JDavis]

The otrs setting DisableIFrameOriginRestricted is the default disabled

In apache
Header set X-Content-Type-Options: "nosniff"
Header set X-Frame-Options: "sameorigin"

I no longer see the error message but in the FAQ and throughout the whole site the faq details, ticket details, notes etcetera are now just all blank.

[JDavis]

I found the problem ... it is fixed ... and all is working.

When I set the ssl-params.conf file in apache2 there was an X-Frame DENY statement that I previously did not see .
I have removed and set to SAMEORIGIN
and all the data is now appearing as it should

Thanks for the help. Your comments led me in the direction for what I needed to search for.

[netjess]

I found the problem ... it is fixed ... and all is working.

When I set the ssl-params.conf file in apache2 there was an X-Frame DENY statement that I previously did not see .
I have removed and set to SAMEORIGIN
and all the data is now appearing as it should

Thanks for the help. Your comments led me in the direction for what I needed to search for.

Please edit OP and prefix [SOLVED]. Thanks and glad you worked it out.