I'm prompting users of IE to install the Chrome Frame add-on. If the user is on IE and doesn't have Chrome Frame installed, they are redirected (server side) to a page with a custom message and the install page in an IFrame:
http://www.google.com/chromeframe/?quickenable=true
After install has completed, Chrome Frame is not loaded in the current tab. Is there a way to force it to be? I've tried including redirect=True but that doesn't work because I have the page in a frame.
You make your pages work with Google Chrome Frame by adding a single tag, like this:
<meta http-equiv="X-UA-Compatible" content="chrome=1">
or by adding an X-UA-Compatible HTTP response header:
X-UA-Compatible: chrome=1
Add the meta tag to the html file which you are loading in the frame and it should initialize the chromeframe.
Related
I am using the following Content Security Policy in Report-Only mode:
Content-Security-Policy-Report-Only "default-src 'self'; report-uri /log_violations"
When I go to a URL on the server with an HTML page containing the following:
<!DOCTYPE html>
<head>
<title>
Test document
</title>
</head>
<html>
<body>
Hello
</body>
</html>
I am seeing the following error message in Firefox 57.0 on line 1:
Content Security Policy: The page’s settings observed the loading of a
resource at self (“default-src http://www3.thestar.com”). A CSP report
is being sent. Source: ;!function(){var t=0,e=function(t,e){ret...
In other browsers, like Edge, Chrome, I haven't seen these errors.
Any thoughts on whether this is a Firefox quirk or something I've set up incorrectly? I'm stumped as to why the policy is rejecting line 1 of every page.
You probably have an extension installed and enabled that is injecting content into the page. Try opening the page in a new Firefox profile without any extensions to see if you see the CSP violation reported.
Firefox is planning to exclude content injected by extensions in CSP checks starting Firefox 58 so this should reduce the noise from extensions doing stuff on a page.
From the Mozilla blog,
Starting with Firefox 58, the CSP of a web page does not apply to
content inserted by an extension. This allows, for example, the
extension to load its own resources into a page.
I try to find a solution for my offline webapp.
I have a fallback, but if i load the page online, i never return on the fallback page when i'm offline.
If i had the page in the NETWORK section, i never see the fallback.
Example, a login page below
CACHE MANIFEST
# Version 2017-01-24 18:13:30
CACHE:
http://mil.mydomain.com/myjs.js
http://mil.mydomain.com/mycss.css
http://mil.mydomain.com/my-image.jpg
FALLBACK:
http://mil.mydomain.com/login http://mil.mydomain.com/fallback
Thanks you
Ok, the solution, after hours of searching is very simple... :'(
If you don't want to always have the fallback page for a specific html page, you just need to remove the manifest attribute on the html tag on this page.
http://mil.mydomain.com/login => <html>
http://mil.mydomain.com/all-other-page-of-your-website => <html manifest="mycache.appcache">
And your page will always go on the fallback page if you are offline.
In Chrome I get the following error messages in the console
[blocked] The page at https://domain.com/home.html ran insecure
content from
http://domain.com/typo3temp/stylesheet_09c1ef800c.css?1345207892.
if I call https://domain.com. The user gets a page without stylesheets and images. What can I do against this?
The files are included like <script type="text/javascript" src="js/lib/jquery-1.5.1.min.js"></script> but I don't want to define the domain.
Should I completely switch to https by setting the base URL with https? Which other possibilites do I have?
I used
config {
baseURL = https://domain.com
}
and adapted all links which had a http in the beginning (otherwise the slider stopped working because Chrome didn't load the other ressources ...). Seems to work now.
I have a web application that uses ajax with prototype.js (Ajax.Updater).
new Ajax.Updater('someID','/some/url',
{
asynchronous:true,
evalScripts:true,
parameters:Form.serialize(Event.element(event).form),
requestHeaders:['X-Update', 'someID']
}
);
Some (not all) IE9 users experience a strange phenomenon.
UserAgent of normal (non-ajax) HTTP requests indicates that the browser is IE9, not in Compatibility View.
UserAgent of ajax HTTP requests indicates that the browser is IE7 (IE9's Compatibility View).
I want to force the browser not to use Compatibility View in ajax HTTP requests, but the html already has a meta tag : <meta http-equiv="X-UA-Compatible" content="IE=edge">.
Does anyone know the reason or workaround?
This is a possible solution - but not fully researched - try setting
Header set X-UA-Compatible "IE=edge"
in your httpd.conf or .htaccess file - this will add the X-UA-Compatible header to all responses from Apache to force IE not to use Compatibility Mode
Maybe it has been asked somewhere, but I am trying to find my question and I am not able to find any answer.
Here's my question:
I am developing a web application and because of some major JavaScript issue in IE8, I need the user to run "Google Chrome Frame" (To enhance the speed of the web page). I was impressed that my page was working 100% fine until the time it was supposed to be refreshing and it wasn't refreshing (Ajax getJSON request using jQuery).
The problem is that it does not request the new data on the server, but it looks like it goes in the cache for the answer of that request and then return the same thing every time instead of new data.
I don't really know how to explain it, but it just does not update. Also, when I hit F5 on the page, it does not update the page, it keeps the old page (even if I hit CTRL-F5 or any other normal force-refresh button). To have the changes, I actually need to close the browser (IE8) and re-open it so it can take the new changes.
Is there anyone who know how I could disable the cache when Google Chrome Frame is active?
The meta tag I use is :
<meta http-equiv="expires" content="0">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache, must-revalidate">
<META HTTP-EQUIV="X-UA-COMPATIBLE" CONTENT="CHROME=1">
If you need any more details, don't hesitate to ask.
An old CGI trick would have been to encode the date as a parameter onto the request so the URL changes with each request. That generally stops any caching on the URL.
So you'd have url?01102010134532 if you encoded date and time down to miliseconds.
If I understand your requirement properly, you'd have to do this in JQuery / JS and would need to modify the parameter on the URL after each AJAX request was made, so the next one would be different to the previous