rgruebel / ha_zigbee2mqtt_networkmap

Custom Component for Homeassistant to show zigbee2mqtt Networkmap

An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing. #24

Open dh-harald opened 5 years ago

dh-harald commented 5 years ago

Hi,

I'm getting this error message in the JavaScript console. Hopefully, some security stuff in the newer Firefox (69.0.2).

Can you fix this somehow?

rgruebel commented 4 years ago

Sorry for the late feedback. I can reproduce the problem with Firefox, but I have not found a solution yet. Maybe someone else has an idea?

codewise-nicolas commented 4 years ago

I checked my Firefox, v73 (developer edition), and I can see the message as a warning, but not as an error. As a warning, it's just precautionary to let us know it can escape the sandbox.

Do you see it as an error? Do you feel this is preventing your installation from working?

The sandbox="" attribute comes from HASS, by using the panel_iframe function. To change the attributes would require going to HASS, specifically in the file ha-panel-iframe.html. As per this SO answer https://stackoverflow.com/questions/35208161/is-it-safe-to-have-sandbox-allow-scripts-allow-popups-allow-same-origin-on-if allow-same-origin is not safe to use normally.

I would suggest you bring this up with the HASS developers to remove it, or to allow the config to set which attributes are used/set on iframes; as sometimes the iframe is pointing to our own local code which we deem safe and other times it may point to 3rd party where we want protections in place.

rgruebel commented 4 years ago

@codewise-nicolas
Looks like it works again with the current version. In a previous version it was an error and the map was not displayed.