I have just installed the latest otrs 6.0.16 version on Ubuntu 18.04 and migrated all my data from my old otrs windows version 3. I have the site and otrs all working except since I setup the server and otrs to use https I can no longer view the data that is in the FAQ (solution / problem and etcetera panels). I see the message:
"This content cannot be displayed in a frame. To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame."
I tried toggling the setting in admin::frontend::Base::DisableIFrameOriginRestricted on and off but that has not really helped. If I enable this setting I no longer see the error message but no text gets displayed in any of the panels.
Does anyone know how to make this work? Did I miss setting something?
[SOLVED] FAQ 6.0.16 information not visible
Moderator: crythias
-
- Znuny newbie
- Posts: 24
- Joined: 28 Feb 2019, 10:50
- Znuny Version: 6.0.16
- Real Name: Jeffrey Taavettilan-Davis
- Company: USNR
[SOLVED] FAQ 6.0.16 information not visible
You do not have the required permissions to view the files attached to this post.
Last edited by JDavis on 05 Mar 2019, 11:33, edited 1 time in total.
-
- Administrator
- Posts: 3963
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: FAQ 6.0.16 information not visible
Hi,
Please provide the Request and Response header from a browser console.
- Roy
Please provide the Request and Response header from a browser console.
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
-
- Znuny newbie
- Posts: 24
- Joined: 28 Feb 2019, 10:50
- Znuny Version: 6.0.16
- Real Name: Jeffrey Taavettilan-Davis
- Company: USNR
Re: FAQ 6.0.16 information not visible
I am not sure if this is what you want to see. This is the browser console information from 2 different browsers.
Browser 1
DOM7011: The code on this page disabled back and forward caching. For more information, see: http://go.microsoft.com/fwlink/?LinkID=291337
File: index.pl
HTML1300: Navigation occurred.
File: index.pl
DOM7011: The code on this page disabled back and forward caching. For more information, see: http://go.microsoft.com/fwlink/?LinkID=291337
File: index.pl
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/ErrorPageTemplate.css
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SCRIPT5: Access is denied.
File: CommonJS_67a67e2e57aa1d876751ac396edf7364.js, Line: 1, Column: 27415
Browser 2
Unhandled rejection: OpenFailedError: InvalidStateError A mutation operation was attempted on a database that did not allow mutations.
create@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:262724
s/<@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:254088
st/<@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:239717
Ye@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:234980
He@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:235459
Ne@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:235315
background.js:33:240268
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Promise rejected after context unloaded: Promised response from onMessage listener went out of scope
page_performance.js:25
Unchecked lastError value: Error: Promised response from onMessage listener went out of scope page_performance.js:25
Browser 1
DOM7011: The code on this page disabled back and forward caching. For more information, see: http://go.microsoft.com/fwlink/?LinkID=291337
File: index.pl
HTML1300: Navigation occurred.
File: index.pl
DOM7011: The code on this page disabled back and forward caching. For more information, see: http://go.microsoft.com/fwlink/?LinkID=291337
File: index.pl
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/ErrorPageTemplate.css
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SEC7111: HTTPS security is compromised by res://ieframe.dll/forbidframing.htm
SEC7111: HTTPS security is compromised by res://ieframe.dll/red_x.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/bullet.png
SEC7111: HTTPS security is compromised by res://ieframe.dll/background_gradient.jpg
SCRIPT5: Access is denied.
File: CommonJS_67a67e2e57aa1d876751ac396edf7364.js, Line: 1, Column: 27415
Browser 2
Unhandled rejection: OpenFailedError: InvalidStateError A mutation operation was attempted on a database that did not allow mutations.
create@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:262724
s/<@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:254088
st/<@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:239717
Ye@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:234980
He@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:235459
Ne@moz-extension://f8f32f07-6afc-41b0-82a9-6560dfed2b8d/dist/background.js:33:235315
background.js:33:240268
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Load denied by X-Frame-Options: https://xxx.xxx.xxx/otrs/index.pl?Actio ... zkoQnUI4F2 does not permit framing.
Promise rejected after context unloaded: Promised response from onMessage listener went out of scope
page_performance.js:25
Unchecked lastError value: Error: Promised response from onMessage listener went out of scope page_performance.js:25
-
- Administrator
- Posts: 3963
- Joined: 18 Dec 2007, 12:23
- Znuny Version: Znuny and Znuny LTS
- Real Name: Roy Kaldung
- Company: Znuny
- Contact:
Re: FAQ 6.0.16 information not visible
Hi Jeffrey,
what's your current setting of the SystemConfiguration DisableIFrameOriginRestricted?
In addition to his I would check if there is the HTTP header X-Frame-Options set in the web server configuration.
- Roy
what's your current setting of the SystemConfiguration DisableIFrameOriginRestricted?
In addition to his I would check if there is the HTTP header X-Frame-Options set in the web server configuration.
- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
Use a test system - always.
Do you need professional services? Check out https://www.znuny.com/
Do you want to contribute or want to know where it goes ?
-
- Znuny newbie
- Posts: 24
- Joined: 28 Feb 2019, 10:50
- Znuny Version: 6.0.16
- Real Name: Jeffrey Taavettilan-Davis
- Company: USNR
Re: FAQ 6.0.16 information not visible
The otrs setting DisableIFrameOriginRestricted is the default disabled
In apache
Header set X-Content-Type-Options: "nosniff"
Header set X-Frame-Options: "sameorigin"
I no longer see the error message but in the FAQ and throughout the whole site the faq details, ticket details, notes etcetera are now just all blank.
In apache
Header set X-Content-Type-Options: "nosniff"
Header set X-Frame-Options: "sameorigin"
I no longer see the error message but in the FAQ and throughout the whole site the faq details, ticket details, notes etcetera are now just all blank.
-
- Znuny newbie
- Posts: 24
- Joined: 28 Feb 2019, 10:50
- Znuny Version: 6.0.16
- Real Name: Jeffrey Taavettilan-Davis
- Company: USNR
Re: FAQ 6.0.16 information not visible
I found the problem ... it is fixed ... and all is working.
When I set the ssl-params.conf file in apache2 there was an X-Frame DENY statement that I previously did not see .
I have removed and set to SAMEORIGIN
and all the data is now appearing as it should
Thanks for the help. Your comments led me in the direction for what I needed to search for.
-
- Znuny expert
- Posts: 172
- Joined: 16 Nov 2011, 23:35
- Znuny Version: 6.0.16
- Real Name: Jesse
- Company: Mercer Valve Company
- Location: Oklahoma USA
- Contact:
Re: FAQ 6.0.16 information not visible
Please edit OP and prefix [SOLVED]. Thanks and glad you worked it out.JDavis wrote: ↑01 Mar 2019, 07:27
I found the problem ... it is fixed ... and all is working.
When I set the ssl-params.conf file in apache2 there was an X-Frame DENY statement that I previously did not see .
I have removed and set to SAMEORIGIN
and all the data is now appearing as it should
Thanks for the help. Your comments led me in the direction for what I needed to search for.
Powered by OTRS 6
Active Directory LDAP Integration.
Ubuntu 18 LTS, Apache2, PostgreSQL.
Active Directory LDAP Integration.
Ubuntu 18 LTS, Apache2, PostgreSQL.