Bug 1145049
| Summary: | Accessing CSP page leads to JS error complaining about https | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [JBoss] JBoss Enterprise Application Platform 6 | Reporter: | Jakub Cechacek <jcechace> | ||||||
| Component: | Web Console | Assignee: | Lindani Phiri <lphiri> | ||||||
| Status: | CLOSED EOL | QA Contact: | Pavel Jelinek <pjelinek> | ||||||
| Severity: | urgent | Docs Contact: | |||||||
| Priority: | unspecified | ||||||||
| Version: | 6.4.0 | CC: | bmaxwell, brian.stansberry, hbraun, hpehl, jdoyle, jkudrnac, jmoran, pjelinek | ||||||
| Target Milestone: | DR12 | ||||||||
| Target Release: | EAP 6.4.0 | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Whiteboard: | csp | ||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2019-08-19 12:45:34 UTC | Type: | Bug | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Attachments: |
|
||||||||
|
Description
Jakub Cechacek
2014-09-22 09:32:04 UTC
For additional info relate to discussion on JIRA Its two different problems: a) iframe protocols must match b) same origin policy. The first one _requires_ ssl, there is no way around that. The later kicks in because some part of the Support plugin breaks the SOP rules (see https://issues.jboss.org/browse/HAL-504). ad a) iframe protocols must match The message: "Blocked a frame with origin "https://access.redhat.com" from accessing a frame with origin "https://localhost:9443". Protocols, domains, and ports must match." occurs with HTTPS configured. It seems that not only the protocol but even ports must match. It's the same origin policy. Take a look at https://issues.jboss.org/browse/HAL-475 Created attachment 945241 [details]
JavaScript consoles of Chrome 37 vs Chromium 27
It also seems that various version of various browser react to this differently (in terms whether the message is shown).
Attaching a screenshot showing JavaScript consoles of Chrome 37 vs Chromium 27. Page was accessed via http.
Sorry, wrong linke. Here's the right one: https://issues.jboss.org/browse/HAL-504 (In reply to Heiko Braun from comment #4) > It's the same origin policy. Take a look at > https://issues.jboss.org/browse/HAL-475 Should this still remain in POST state? Bulk change from modified to on_qa on items that have been missed in past releases. Both issues are still reproducible with DR12. Attached screenshot of javascript console with DR12. Created attachment 966320 [details]
Same origin issue in DR12
(In reply to Jakub Cechacek from comment #9) > Both issues are still reproducible with DR12. > > Attached screenshot of javascript console with DR12. Jakub and I investigated these issues today and they appear to be both minor in nature and browser dependent. I recommend closing this issue as the issues do not appear to affect overall functionality. Claudio Miranda <claudio.br> updated the status of jira HAL-504 to Resolved |