search

publiclab / plots2

a collaborative knowledge-exchange platform in Rails; we welcome first-time contributors! :balloon:
https://publiclab.org
GNU General Public License v3.0
957 stars 1.83k forks source link

Embedded etherpad seems to fail sometimes #9553

Open icarito opened 3 years ago

icarito commented 3 years ago

https://publiclab.org/talk/organizing shows an error:

An error occurred
Please press and hold Ctrl and press F5 to reload this page
If the problem persists please send this error message to your webmaster:

ErrorId: XpbIdoH3URvqgYScs8lq
URL: https://pad.publiclab.org/p/organizing
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36
Uncaught TypeError: Cannot read property 'length' of undefined in https://pad.publiclab.org/javascripts/lib/ep_etherpad-lite/static/js/pad_utils.js?callback=require.define&v=67a7b43f at line 22

The console also shows:

Uncaught DOMException: Blocked a frame with origin "https://pad.publiclab.org" from accessing a cross-origin frame.
    at Object.<anonymous> (https://pad.publiclab.org/javascripts/lib/ep_etherpad-lite/static/js/pad.js?callback=require.define&v=67a7b43f:25:1479)
    at t (https://pad.publiclab.org/javascripts/lib/ep_etherpad-lite/static/js/pad.js?callback=require.define&v=67a7b43f:25:388)
    at https://pad.publiclab.org/javascripts/lib/ep_etherpad-lite/static/js/pad.js?callback=require.define&v=67a7b43f:25:2187
    at Function.v.each.v.forEach (https://pad.publiclab.org/javascripts/lib/ep_etherpad-lite/static/js/ace2_common.js?callback=require.define&v=67a7b43f:23:1720)
    at Object.d.onEditorReady (https://pad.publiclab.org/javascripts/lib/ep_etherpad-lite/static/js/pad.js?callback=require.define&v=67a7b43f:25:2166)
    at readyFunc (https://pad.publiclab.org/p/organizing:17:18)
    at eval (eval at R (:1:1), <anonymous>:5:47441)

And:

Uncaught TypeError: Cannot read property 'length' of undefined
    at Object.toggleDropDown (pad_utils.js?callback=require.define&v=67a7b43f:22)
    at Object.showModal (pad_utils.js?callback=require.define&v=67a7b43f:26)
    at Object.disconnected (pad.js?callback=require.define&v=67a7b43f:40)
    at r.<anonymous> (pad.js?callback=require.define&v=67a7b43f:3)
    at r.emit (index.js:83)
    at r.onevent (index.js:83)
    at r.onpacket (index.js:83)
    at r.<anonymous> (index.js:83)
    at r.emit (index.js:83)
    at r.ondecoded (index.js:83)

This looks like it may be a cross-origin header missing, but it's not clear why this page is affected when https://publiclab.org/talk/wwg isn't.

Note that the actual content of the pad is accessible at https://pad.publiclab.org/p/organizing

TildaDares commented 3 years ago

@icarito Can I work on this?

icarito commented 3 years ago

Hi @TildaDares , nice of you to offer. If you have an insight, feel free to make suggestions! It is unclear to me what is going on or if the fix can be applied to plots2 or rather it could be a missing / wrong header configuration in our webserver.

In the first case I would try if a different sandbox setting for the iframe can do the trick, in the second case only I (the sysadmin) has access to alter the webserver configuration, so in that let me know if you think a configuration change is needed.

So feel free to explore the issue and let us know if you find any clues as to what is going on!

TildaDares commented 3 years ago

@icarito From what I've read I think the issue is because of the same-origin policy. Accessing an iframe with a different origin using Javascript probably caused the error.