i wrote a little extension to my site.
I've added my site in Webmaster Tools in purpose of verified, which is www.love2live.pl.
I've a button on my site Add to chrome, when i click in, then i got a message like:
inline install failed: Installs can only be initiated by one of the Chrome Web Store item's verified sites.
My extension is a private, but people with link may find it, i dont't know what i should to do yet, that will be working fine.
In <head> i added:
<link rel="chrome-webstore-item" href="https://chrome.google.com/webstore/detail/myID" >
and in button i added:
<button onclick="chrome.webstore.install(undefined, undefined, function(err) {console.log('inline install failed: ' + err)})" id="install-button">Add to Chrome</button>
Any solutions?
Regards,
Adrian
You may refer with this thread. There might be an issue with https verified sites. Try to switch the verified domain to not be SSL and see if it works. Also according to this documentation, inline installations can only be initiated by a page on a site that is verified (via Webmaster Tools) as being associated with that item in the Chrome Web Store for security reasons. You may double check your configuration.
So, I have a selfhosted Ghost blog and there are a couple of odd behaviors
URL: https : //prusik.io/jubbaonjeans/
The cover image loads just fine in IE, but refuses to load in Chrome (for Windows and Android) or Firefox. Here's the code from the source:
<header class="main-header " style="background-image: url(/jubbaonjeans/content/images/2015/01/CoverForBlog-7.jpg)">
In addition, I have a script for Disqus comments. Similar behavior where it works in IE, but not Chrome or Firefox
URL: https://prusik.io/jubbaonjeans/mnrega-and-welfare/
I am using the instructions here (https :// help.disqus.com/customer/portal/articles/1454924-ghost-installation-instructions) to enable Disqus on my blog. (odd URL as I am only allowed 2 links in this post)
Finally, the Ghost image uploader (For cover image and post images) throws a weird error. I am still able to upload images, but the error remains. Again, works just fine in IE
Error: https://prusik.io/jubbaonjeans/content/images/2015/01/UploaderIssue.JPG
Also, I was a programmer at one point and now into InfoSec. My knowledge of CSS and HTML5 programming is basic.
Thanks in advance!
I have a page that I want to be loaded only from an iFrame.
I use the solution on this link to do it.
How to identify if a webpage is being loaded inside an iframe or directly into the browser window?
but it doesn't work in IE so I use conditional comments like this
<!--[if IE 9]>
<script type="text/javascript">
window.location = "http://mysite.com/nodirectvisit.html";
</script>
<![endif]-->
Together they are now working in IE, Chrome, FF, and Opera.
I just want to ask if there are still other ways to visit my page directly?
Thanks
If a user disables javascript, then your code will not run. Maybe use Sessions to track from where users are coming from?
Anyone with javascript disabled or NoScript would be able to open the page directly. The javascript should prevent the majority of users.
You can check the referrer of the iframe page to make sure it's the page that contains the iframe. The referrer isn't the most reliable field, but if you're more worried about people visiting the page not in an iframe than people not being able to see it at all, that might be the way to go.
Good afternoon. i am working on implementing the facebook like box into website. i have generated the code on this facebook page
https://developers.facebook.com/docs/reference/plugins/like-box/
which generated the following code: <iframe src="//www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FStripeworX%2F203309163017772&width=292&height=300&colorscheme=light&show_faces=true&border_color&stream=true&header=true" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:292px; height:300px;" allowTransparency="true"></iframe>
The issue is when i test the page in internet explorer i receive the following error:
Cannot find
'file://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FStripeworX%2F203309163017772&width=292&height=300&colorscheme=light&show_faces=true&border_color&stream=true&header=true'. Make sure the path or Internet address is correct.
thank you, any information that can be provided is appreciated!
Try adding an http or https at the beginning of the scr attribute of the iframe.
It appears that you are doing some sort of local development and the ommision of the protocol makes your platform believe that the source of the iframe is a local file.
When I go to our web site through HTTPS mode, Chome is reporting an error saying that the page contains secure and not secure items. However, I used Firebug, Fiddler, and HttpDebuggerPro, all which are telling me that everything is going through HTTPS. Is this a bug in Chrome?
Sorry but I'm unable to give out the actual URL.
A bit late to the party here but I've been having issues recently and once I had found a http resource and changed it was still getting the red padlock symbol. When I closed the tab and opened a new one it changed to a green padlock so I guess Chrome caches this information for the lifetime of the tab
Current versions of Chrome will show the mixed content's URL in the error console. Hit CTRL+Shift+J and you'll see text like:
"The page at https://www.fiddler2.com/test/securepageinsecureimage.htm contains insecure content from http://www.fiddler2.com/Eric/images/me.jpg."
I was having the same issue: Chromium showing the non-secure static files, but when everything was http://.
Just closing the current tab and re-opening the page in another new tab worked, so I think this is a Chromium/Chrome bug.
Cheers,
Diogo
Using Chrome, if you open up the Developer Tools (View > Developer > Developer Tools) and bring up the Console and choose to filter to warnings, you'll see a list of offending URLs.
You'll see something like the following if you do have insecure content
The page at https://mysite/ displayed insecure content from http://insecureurl.
For the best experience in finding the culprit, you'll want to start your investigation in a new tab.
It is possible that a non-secure URL is referenced but not accessed (e.g. the codebase for a Flash <object>).
I ran into this problem when Jquery was being executing a a few seconds after page load which added a class containing a non-secure image background. Chrome must continually to check for any non-secure resources to be loaded.
See the code example below. If you had code like this, the green padlock is shown in Chrome for about 5 seconds until the deferred class is applied to the div.
setTimeout(function() {
$("#some-div").addClass("deferred")
}, 5000);
.deferred
{
background: url(http://not-secure.com/not-secure.jpg"
}
Check the source of the page for any external objects (scripts, stylesheets, images, objects) linked using http://... rather than https://... or a relative path. Change the links to use relative paths, or absolute paths without protocol, i.e. href="/path/to/file".
If all that if fine, it could be something included from Javascript. For example, the Google Analytics code uses document.write to add a new script to the page, but it has code to check for HTTPS in case the calling page is secure:
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
On the release of Chrome version 53 on Windows, Google has changed the trust indications to initiate the circle-i. Afterward, Google has announced a new warning message will be issued when a website is not using HTTPS.
From 2017 January Start, Popular web browser Chrome will begin
labeling HTTP sites as “Not Secure” [Which transmit passwords / ask
for credit card details]
If all your resources are indeed secure, then it is a bug. http://code.google.com/p/chromium/issues/detail?id=72015 . Luckily it was fixed.