[SalesForce] Error in loading the iFrame in Salesforce 1 Platform:

Scenario :
I have built desktop based Force.com platform and now i have enabled the Salesforce 1 Mobile app on my environment. Now if i try to load the same Desktop based Quote Detail page on Iphone 5 emulator on Google Chrome, i get this error

: [Report Only] Refused to frame 'https://c.na10.visual.force.com/apex/QuoteDetail?id=a0RF000000IYFfjMAH&sfdcIFrameOrigin=https%3A%2F%2Fna10.salesforce.com&isdtp=p1&sfdcIFrameHost=web' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.

Please if some one could help me figure out the reason. Really appreciate it

From the comments, here is the quote detail page:

<apex:page standardController="Quote__c" title="Quote Detail" sidebar="false">
    <apex:form >
        <c:QuoteDetail theQuoteId="{!Quote__c.Id}" />
    </apex:form>
</apex:page>

Best Answer

You are seeing this error due to a Content Security Policy (CSP) breach - a CSP is an HTTP header that defines a bunch of policies for resources. You are falling foul of the frame-src restriction. You can read more about this at:

http://www.html5rocks.com/en/tutorials/security/content-security-policy/

If the iphone5 emulator you are using is a chrome app, the default behaviour for those is to disallow external resources in iframes:

https://developer.chrome.com/apps/contentSecurityPolicy (search for frame-src).

If you don't have a real device I would use the desktop version of Salesforce1 (/one/one.app) with the browser resized appropriately.

Related Solutions

[SalesForce] salesforce loading an iframe

I noticed that the site you posted (https://sit.mylinkhere.com/) is using an invalid SSL certificate. The SSL certificate I'm presented with when I view that site is for dm2.fastdomain.com.

The problem is likely that your client is blocking this site because of the invalid SSL certificate. Your best bet is to fix the SSL certificate and try again.

If you continue to get errors after fixing the SSL certificate, you might want to verify that the site allows framing. Several things including framebusting, the X-Frames-Options, etc. can be used to prevent a website from being framed.

[SalesForce] Can i embed a iframe into the alert box in visualforce

Here is what you can do Create a custom button and fill in the details and in "Behavior Section" choose "Execute JavaScript" and for "Content Source" choose "OnClick JavaScript",and in the code section paste the following code

 
{!REQUIRESCRIPT("https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js")}
    function showSimpleDialog(){
   var sd = new SimpleDialog("Test"+Dialogs.getNextId(), true);

   sd.setTitle("Simple Dialog");

   sd.createDialog();

   window.parent.sd = sd;  sd.setWidth("50%");
  //Specify the iFrame and give URL of VF page
    sd.setContentInnerHTML("");

    if ($(sd.dialog).find('#InlineEditDialogX').size() == 0) {
    var close = $("<a id='InlineEditDialogX' title='Close' tabindex='0' href='javascript:void(0)' class='dialogClose'>Close</a>");

    close.mouseover(function() {

    this.className = 'dialogCloseOn';
    }).mouseout(function() {
    this.className = 'dialogClose';
    }).click(function() {

    // finally our on click handler which closes the dialog
    sd.hide();
    });
    // insert the new generated close button before the h2 tag so it'll show up on the top right corner
    close.insertBefore($(sd.dialog).find('.topLeft h2'));  
    } sd.show(); } showSimpleDialog();

This will bring up a modal where you can display your visual force page through iFrame and further through controller you can do all the DML operations.

Best Answer

Related Solutions

[SalesForce] salesforce loading an iframe

[SalesForce] Can i embed a iframe into the alert box in visualforce

Related Topic