Navigation

    APPDRAG Community
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Popular

    REMINDER

    Please be respectful of all AppDragers! Keep it really civil so that we can make the AppDrag community of builders as embracing, positive and inspiring as possible.

    SOLVED Modal content blocked

    Cloud CMS (Pagebuilder, Blog, Shop, Newsletters, Code Editor)
    4
    5
    497
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Myriam Mira last edited by

      Hi all!
      I'm using a gallery component.
      Clicking on a picture in this gallery opens a modal.
      This modal contains another page, which is already published.

      When I open the preview link, and click on the picture, the modal opens but its content won't load / it won't display anything, and I get this error in the console:

      "Mixed Content: The page at 'https://visigo-3fe790.appdrag.site/preview/projets-proposition-2.html?from-preview=1&from=projets-proposition-2&timestamp=1641832361546' was loaded over HTTPS, but requested an insecure frame 'http://www.visigo.fr/preview/projets-covea.html'. This request has been blocked; the content must be served over HTTPS."

      Do you have any clue where that could be coming from? And how to fix this?

      Thank you!

      J 1 Reply Last reply Reply Quote 0
      • J
        jbenguira @Myriam Mira last edited by

        @myriam-mira simple, it seems you are testing from this url
        http://www.visigo.fr/preview/projets-covea.html
        Instead of
        https://www.visigo.fr/preview/projets-covea.html

        M 1 Reply Last reply Reply Quote 0
        • M
          Myriam Mira @jbenguira last edited by

          @jbenguira Hi! I changed the link to use the link with httpS and it still did not work, I had an error in the modal:

          www.visigo.fr refused to connect.

          but the console told me that X-Frame-Options "SAMEORIGIN" in the http headers were causing that.

          So I'm not really sure what the best strategy is if we want to use X-Frame-Options, do you have a recommendation?
          Because when I removed it from headers, the modal was working perfectly.
          Thanks!

          Joseph Benguira 1 Reply Last reply Reply Quote 0
          • Joseph Benguira
            Joseph Benguira @Myriam Mira last edited by

            @myriam-mira indeed X-Frame-Options "SAMEORIGIN" is made to block traffic from iframe from a different origin ...

            you either you remove that custom header, or instead you configure it to allow your other origin (the domain when it needs to be accessible)

            X-Frame-Options: ALLOW-FROM XXXXXXXXXXX

            where XXXXXXXXXXX is the domain to allow access from

            1 Reply Last reply Reply Quote 0
            • C
              Constance Hua last edited by

              If anyone needs an easy alternative, read the answer here: https://community.appdrag.com/topic/1157/modal-content-blocked-2-refused-to-connect?_=1668797095679

              1 Reply Last reply Reply Quote 0
              • First post
                Last post