beware http://video.ft.com/ busting out of the playlist

[railsagainstignorance]

have found a way to break display screens. Just assign http://video.ft.com/ to a screen, and then try and unassign it.

This url appears to bust out of the viewer wrapper and display as its own thing, whilst hanging/crashing the viewer (so it appears to be offline).

This means that you can't remove it from the playlist of the screen because the screen is offline.

OTOH, assigning a specific video, e.g. http://video.ft.com/4594811627001/Walls-of-worry/Editors-Choice, seems to work ok, and auto-repeats (I think)

p.s. had to edit the localStorage viewerData_v2 to remove the http://video.ft.com/ entry from my local viewer

[JakeChampion]

Sounds like video.ft.com has some iframe busting logic

[JakeChampion]

It also seems that url just sends a 301 redirect to http://video.ft.com/4604702997001/Blocks-on-road-to-Paris-climate-deal/Editors-Choice

[JakeChampion]

<iframe sandbox="allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts" src="http://video.ft.com"><iframe>

Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://ftlabs-screens.herokuapp.com/viewer' from frame with URL 'http://video.ft.com/4604702997001/Blocks-on-road-to-Paris-climate-deal/Editors-Choice'. The frame attempting navigation of the top-level window is sandboxed, but the 'allow-top-navigation' flag is not set.

Uncaught SecurityError: Blocked a frame with origin "http://video.ft.com" from accessing a frame with origin "http://ftlabs-screens.herokuapp.com". Protocols, domains, and ports must match.

Uncaught SecurityError: Failed to set the 'domain' property on 'Document': Assignment is forbidden for sandboxed iframes.

[triblondon]

Add a nice error message that advises people to use Electron app.

[AdaRoseCannon]

@triblondon this should also behave correctly in the chrome extension too. Are we still supporting that?