rllola
commented
8 years ago +1 I would also need to remove cross-origin restriction to be able to use react-router browserHistory and to access indexedDB
Open obv-mikhail opened 8 years ago
rllola
commented
8 years ago +1 I would also need to remove cross-origin restriction to be able to use react-router browserHistory and to access indexedDB
HelloZeroNet
commented
8 years ago It would be a huge security risk (any site would able to access and modify all other site's data). Disqus-like plugin would result in centralization, which is agains the main goal of the project. Embedding a video does not requires iframe: with the future youtube plugin you will refer the video as the hash.
rllola
commented
8 years ago any site would able to access and modify all other site's data
But you need the private key to modify a site and publish the modification ?
If it is not possible what about an indexedDB wrapper function like for localStorage ? I could prepare a PR.
HelloZeroNet
commented
8 years ago The problem is if you can include other site in a frame, then you can execute zeroframe commands as the site (eg fileWrite)
IndexedDB ZeroFrame API command could be possible, but it's harder than localstorage, because there is more functions and you cannot pass javascript object, so you need to pass every command to the external wrapper.
rllola
commented
8 years ago I am ok to spend some times on it and see where it lead us if you think that you could then add it to ZeroNet. I am exploring an other solution to fix my problem but I still think that it is a nice feature.
ghost
commented
6 years ago I see, here they write that the problems with the iframe have been around for a long time. But I have worked in ZeroBlogs YouTube through the iframe for a long time and well. I left a lot of blogs posts with YouTube video inserts. But recently they all stopped working :-/
Reason: CORS header 'Access-Control-Allow-Origin' missingIs it possible to think of something to make YouTube videos work again on ZeroBlogs?
ghost
commented
6 years ago The most common thing is that earlier in ZeroBlog worked perfectly iframe-inserts on YouTube-video. I read reviews that iframe in ZeroNet and should not work, but I used such videos in blogs dozens of times and everything worked fine. But recently it stopped working. Apparently, YouTube has increased security requirements. And now they require a header:
Uncaught DOMException: Failed to read the 'cookie' property from 'Document': The document is sandboxed and lacks the 'allow-same-origin' flag.Can not this be fixed in ZeroNet itself? :)
Here are examples of videos that worked fine before, but stopped working now:
http://127.0.0.1:43110/144W6itCd6jUqHDx5SDjbFaRdTnh4gRBBA/?Post:41:60+years+of+space+age
HelloZeroNet
commented
6 years ago I'm afraid this is the limitation of browser's iframe sandbox. Do you have any idea when did it worked for you last time?
Currently embedding other zites is impossible due to cross-origin restrictions. Maybe there should be an option to disable the restrictions within a site's "content.json" file?
Use case scenarios: