How can i make my iframe work after google signature ?

Post reply

❤Follow Topic(3)

1 favourites

8 posts

From the Asset Store

Google Analytics 4

$6 USD

Google Analytics 4 Plugin for Construct 3 enables metrics and analytics for your games easily.

ppstudiomty

- tamiiirrr
- - Joined 9 May, 2020
  - 3 topics • 8 posts
- 1
- 2 Apr, 2022
- Quote
Hi !

I hope my problem has already happened to someone.

I integrate a web page of a personal domain in an iframe, everything works perfectly,
- I build the debug apk/aab, I test it on all possible supports (emulators, physical smartphone...) everything works very well
- I build the release apk/aab, I test it on all possible supports (emulators, physical smartphone...) everything works very very well
And when I send it to the google playstore, they "prepare the bundle" and offer me a version signed by google (the one that will be distributed to users) but when I download this new apk signed by google, and I test it on my smartphone, my iframe no longer seems to appear, and I find myself faced with a blank page.

I looked carefully at the responses of other threads in this forum to similar topics.

For example, the solutions that often come up are: whitelisting the site in the apk, or the famous CORS domain... I have of course tried these options, but my problem is not the same as these topics, because I don't I have no error message that appears when the iframe is displayed, and on the contrary, if I turn off the wifi when the iframe is launched, an error message appears indicating that it cannot resolve the DNS name, which means that the iframe is there and it works !?

I also added a function to get the size of the iframe in pixels (because I play a little with the size) but everything seems consistent and I get the right size.

I tried check the visibility of layer or iframe but all is ok.

As i say Everything works perfectly until google touches it, i don't understand.

So here I am stuck, I tried a lot of options, I don't really know what to do so I hope someone here will have the solution. I thank you in advance
Tagged:

apk
google-play
iframe
- tamiiirrr
- - Joined 9 May, 2020
  - 3 topics • 8 posts
- 1
- 3 Apr, 2022
- Quote
Hi !

good after several tests I realize that I manage to display the site https://apache.org and https://google.fr returns a ban (good thing) but my site still does not load!

I tell myself that the problem comes from the configuration on the server side, in my page I put the famous header("Access-Control-Allow-Origin: *"); I changed the file from apache config, I activated the header module, I also tried with the .htaccess but nothing.

:(
Try Construct 3

Develop games in your browser. Powerful, performant & highly capable.
Try Now Construct 3 users don't see these ads
- tamiiirrr
- - Joined 9 May, 2020
  - 3 topics • 8 posts
- 1
- 3 Apr, 2022
- Quote
Hello guys !

Here is where I am today, I will try to look into what apache.org accepts, if anyone has an idea I am a taker.
- So google and apache works but not my website.
- Here is the response from my server
- This is what apache.org tells me
see you later thanks
- oosyrag
- - Joined 20 Feb, 2013
  - 61 topics • 4,587 posts
- 1
- 3 Apr, 2022
- Quote
Do you have an 'x-frame-options' or 'frame-ancestors' line in your header?
- tamiiirrr
- - Joined 9 May, 2020
  - 3 topics • 8 posts
- 1
- 3 Apr, 2022
- Quote
Do you have an 'x-frame-options' or 'frame-ancestors' line in your header?

Thank you for your answer it seems that no I don't have 'x-frame-options' or 'frame-ancestors', I should?

I'll look into it, I've already done some research but I don't really understand how it works, what I understand is to authorize a particular domain or an origin but I don't know how to use it,

I inserted this line in my apache config I'm not sure of the syntax, and if I understand correctly it only authorizes the same domain, and i don't know how to authorize from the mobile !?

Header set Content-Security-Policy "frame-ancestors 'self';"
- oosyrag
- - Joined 20 Feb, 2013
  - 61 topics • 4,587 posts
- 1
- 4 Apr, 2022
- Quote
No, you don't want those things. Those are additional things that can prevent iframes from loading.
- tamiiirrr
- - Joined 9 May, 2020
  - 3 topics • 8 posts
- 1
- 4 Apr, 2022
- Quote
Hello,

Following the previous message, I therefore made sure that I did not have a parameter prohibiting integration by iframe on the server side.

Today i found this while trying to login, it seems the worker/browser doesn't recognize my certificate ?

[client ************:35954] AH02008: SSL library error 1 in handshake (server *****.***:443) SSL Library Error: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown (SSL alert number 46)
- tamiiirrr
- - Joined 9 May, 2020
  - 3 topics • 8 posts
- 1
- 4 Apr, 2022
- Quote
Problem solved!

I really suck! tell me if I should delete this post!

Suddenly the error came from my SSL configuration on the server side

I enabled "OCSP stapling"

These two links were helpful to me:
- https://httpd.apache.org/docs/trunk/fr/ssl/ssl_howto.html
- https://www.digicert.com/kb/ssl-support/pem-ssl-creation.htm
So here I have no more SSL error and my page is displayed again in the iframe without problem.

Need to try with google export but i think all is good now ! thanks

I'l be back :)