Why chrome ignores X-frame-option: sameorigin? - x-frame-options

Chrome on Mac is ignoring X-frame-options header for my site.
I have set x-frame-options : sameorigin
I am using Google Chrome is up to date
Version 74.0.3729.157 (Official Build) (64-bit).
Chrome ignores header and opens site in iframe.
Firefox and safari is blocking site to be open in frame.
<head>
<meta charset="UTF-8">
<title>i Frame</title>
</head>
<body>
<h3>This is clickjacking vulnerable</h3>
<iframe src="https://www.example.com/" frameborder="2 px" height="500px" width="500px"></iframe>
</body>
</html>```

Related

TypeError: Cannot read properties of undefined (reading 'maps'). Google flutter maps web

Any idea of how to solve the problem Here
The platform is a flutter web
Add google maps script to web/index.html.
<head>
...
<script src="https://maps.googleapis.com/maps/api/js?key=YOUR_API_KEY"></script>
</head>
See google_maps_flutter_web for details.
Debug using terminal instead of using debug console.
Run this in terminal :
flutter run -d chrome --web-renderer html

Unable to get location or chose location in flutter web enabled application,where as it is working on mobile phone

I have built a firebase enabled flutter application. My application is working fine of android smart phone where as the application is unable to get the location of my desktop or laptop while launching the web enabled flutter application.
I have included all the required firebase configuration in index.html etc already.
Please check
<meta name="google-signin-client_id" content="533276524723-u0fdq5kn0fit8cj9vpvjcg6agt0ribs9.apps.googleusercontent.com">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-status-bar-style" content="black">
<meta name="apple-mobile-web-app-title" content="flutter_multivendor">
<link rel="apple-touch-icon" href="icons/Icon-192.png">
<script src="https://www.gstatic.com/firebasejs/8.6.5/firebase-app.js"></script>
<script src="https://www.gstatic.com/firebasejs/7.17.1/firebase-firestore.js"></script>
<script src="https://www.gstatic.com/firebasejs/8.4.1/firebase-messaging.js"></script>
<!-- TODO: Add SDKs for Firebase products that you want to use
https://firebase.google.com/docs/web/setup#available-libraries -->
<script src="https://www.gstatic.com/firebasejs/8.6.5/firebase-analytics.js"></script>
<script src="https://maps.googleapis.com/maps/api/js?key=AIzaSyCRFWubrqF6aeMRbK9jIMKoU0I3odIarB4"></script>
<script>
// Your web app's Firebase configuration
// For Firebase JS SDK v7.20.0 and later, measurementId is optional
var firebaseConfig = {
apiKey: "AIzaSyCRFWubrqF6aeMRbK9jIMKoU0I3odIarB4",
authDomain: "restaurant-4360f.firebaseapp.com",
projectId: "restaurant-4360f",
storageBucket: "restaurant-4360f.appspot.com",
messagingSenderId: "533276524723",
appId: "1:533276524723:web:e7ff59fdf36651806230c6",
measurementId: "G-Z6GZGF2MGW"
};
// Initialize Firebase
firebase.initializeApp(firebaseConfig);
firebase.analytics();
</script>
I am attaching the screenshots of the errors as below[

Blank page running Angular 9 app on ios 13

I have issues loading my Angular 9 app on iPhone, it loads in all desktop browsers and android devices, just got an blank page in iPhone. It raises an promiseReactionJob exception in the polyfills-es2015 file .. running the lasted iOS version (13.4.1). I see the in the index.html, the scripts are loaded as expected.
<script src="runtime-es2015.c741d58c5f0062b819ef.js" crossorigin="use-credentials" type="module"> </script>
<script src="runtime-es5.c741d58c5f0062b819ef.js" crossorigin="use-credentials" nomodule defer></script>
<script src="polyfills-es5.1e423cd55d051bbc2156.js" crossorigin="use-credentials" nomodule defer></script>
<script src="polyfills-es2015.367a122fcc429806387a.js" crossorigin="use-credentials" type="module"></script>
<script src="main-es2015.80003c523586b89abce8.js" crossorigin="use-credentials" type="module"></script>
<script src="main-es5.80003c523586b89abce8.js" crossorigin="use-credentials" nomodule defer></script>
It is production build: ng build --prod
The error below:
Or, disabling the --prod
The issue was due Safari/iOS doesn't implement addEventListener/RemoveEventListener, so the app called an undefined method and raised the exception. My fix was to add an iOS check and call addListener and removeListener only on iOS as addEventListener/RemoveEventListener were not in fem2015/layout.js loaded by Safari on iOS (tried iOS >= 12).

Iphone X space after Header in Ionic 3

I did all the needed updates and added the needed code to meta in index.html, but I still get white space at the bottom of the header before the content section starts. Please see screenshot. Also, it appears like the Title is being cut.
Here is my meta:
<meta name="viewport" content="viewport-fit=cover, width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=1.0, user-scalable=no">
My HTML:
<ion-header>
<ion-toolbar color="primary">
<ion-title>Saved</ion-title>
</ion-toolbar>
</ion-header>
My Ionic Info:
cli packages:
#ionic/cli-utils : 1.19.0
ionic (Ionic CLI) : 3.19.0
global packages:
cordova (Cordova CLI) : 7.1.0
local packages:
#ionic/app-scripts : 3.1.6
Cordova Platforms : ios 4.5.4
Ionic Framework : ionic-angular 3.9.2
System:
ios-deploy : 1.9.2
ios-sim : 5.0.12
Node : v7.10.0
npm : 4.2.0
OS : macOS High Sierra
Xcode : Xcode 9.2 Build version 9C40b
So my problem was that in App.scss I've explicitely changed the height of the Toolbar as follows:
.toolbar-background-ios {
background: #ffffff;
height: 70px; //This was the problem
}
By removing the height attribute, all works perfectly well for oth iPhone X and older iPhone 7 plus.
To elaborate if you ever want to change the height of the navigation bar, you set it directly in your variables.scss so it can be set globally like:
$toolbar-ios-height: 70px;
$toolbar-md-height: 70px;
The Very first thing to check is the Meta that should be like this
name="viewport" content="viewport-fit=cover, width=device-width, user-scalable=no, initial-scale=1, maximum-scale=1, minimum-scale=1"
And if it does not resolve your issue then try to update the status
bar plugin.
Run the following command.
ionic cordova plugin add
https://github.com/apache/cordova-plugin-statusbar.git
but before doing that remove the previously installed status bar
plugin and then install the above it will surely fix your problem.
References
GitHub link : https://github.com/apache/cordova-plugin-statusbar.git
If the issue still Persists then Kindly check your Global.SCSS file and look for the following
.platform-ios.platform-cordova:not(.fullscreen)
and find the toolbar-ios in that and adjust the header properties according to your requirements.

Login with JS and then using PHP SDK (Facebook)

I'm using this code to login my website via facebook:
<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
FB.init({
appId:'MYAPPID', cookie:true,
status:true, xfbml:true
});
</script>
<fb:login-button>Login with Facebook</fb:login-button>
Its working well and I see my application on facebook.com/editapps.php, but then when I want to start using PHP SDK I see that I didn't login. If I login via PHP SDK then I see that I logged in.. What is the problem here? Thank you.
What version of PHP SDK are you using? Because the latest 3.0.1 isn't compatible yet with javascript SDK. So you would need to downgrade to version 2 of the SDK until they will update the Javascript SDK too.
More info about this here: http://developers.facebook.com/blog/post/503/