snippets no longer working

mvbaxter · April 23, 2019, 12:19am

It does not matter whether I click on a “Related samples” link, or clicking on some example provided in the forums. Anything that would normally load in a Snippets page fails to load.

I cannot see anything in any of the panes on ANY snippet.

I have tested with Chrome, Safari and Firefox. I have used Mac and Windows 10. All result in the same issue.

We have also new employees that I would like to bring up to speed, but I cannot do that with your Forums and Sample codes being such integral parts of your documentation.

I also need to prove to my management that your product and support are worth paying for. Unfortunately, one of our decision makers discovered your broken snippets.

Please help!

Helga · April 23, 2019, 6:39am

Hello,

It sounds strange. I have checked several documentation articles as well as forum posts - and the links to related snippets are working.

Maybe something was wrong with the server that very moment. Could you please double check the snippets and, if the problem persists, point to the problematic links?

mvbaxter · April 23, 2019, 8:04pm

As an example source, looking up queryView >> Samples >> Data Layout results in blank snippets page https://snippet.webix.com/031a3d61, with security errors in the Preview pane, and empty “JS Code” and “HTML Code” panels.

I have been experiencing this for close to two weeks, but only took the time to report it when a teammate expressed frustration over the same issue.

I have since tried on a Windows 10 computer, with IE11. It also has blank panels and errors. However, IE11 includes a red “Permission denied” alert in the upper-right corner.

Finally, I tested from my home computer and found no issues. Could your snippets be using a different protocol, or outdated Certificate that is causing our corporate security to block it? If there is anything you can discover, perhaps we can get an exception to policy for your sites/servers…

How frustrating! Thanks for any assistance.

mvbaxter · April 23, 2019, 8:14pm

As a follow-up, I did find the error below in my Chrome console:

Mixed Content: The page at 'https://snippet.webix.com/804cb41e' was loaded over HTTPS, but requested an insecure resource 'http://138.197.215.143:6080/php/urlblock.php?vsys=1&cat=15075&title=parked&…et.webixcode.com%2fsnippet.html%3ff21d4…'. This request has been blocked; the content must be served over HTTPS.

When I tell the browser to “Load unsafe content”, I get the following:

Refused to display 'http://138.197.215.143:6080/php/urlblock.php?vsys=1&cat=15075&title=parked&…et.webixcode.com%2fsnippet.html%3ff21d4…' in a frame because it set 'X-Frame-Options' to 'deny'.

I’m pretty sure our corporate firewall is blocking port 6080, as well as Chrome blocking mixed content.

I think our SECURITY team is working overtime to keep us secure by blocking any ports they do not expressly recognize. This seems to be a growing trend in corporate firewall/security software.

Any way your team could NOT use port 6080, but USE HTTPS for the data?

Helga · April 23, 2019, 9:29pm

Actually, we did improve content security policy for the Snippet Tool a couple of weeks ago, and this seems to be causing the described problems.

Right now I can confirm the denied permission in IE11 and Edge, that’s really frustrating. And we will investigate into the rest of the issues to come up with a solution.

Thanks a lot for reporting.

Helga · April 23, 2019, 9:32pm

As a side note, all custom scripts provided by users within the snippet code, must be loaded over https to avoid being blocked by browser.

maksim · April 25, 2019, 12:43pm

Issue with IE11/Edge is fixed
Snippets must work correctly in all supported browsers now.