Skip to main content
W
walt
Participant
July 14, 2023
Question

allow-forms allow-modals allow-popups allow-same-origin allow-scripts

  • July 14, 2023
  • 2 replies
  • 1020 views

Hello Guys,
We recently upgraded our site (https://globalmissionsnow.org/) from CF2016 to coldfusion 2021. Since then donate now, Contact pages submit etc button no longer respond. Upon inspection on the console it is saying

Blocked opening in a new window because the request was made in a sandboxed frame whose"allow-popups" permission is not set.

We also get "sandbox', 'allow-forms allow-modals allow-popups allow-same-origin allow-scripts" not set

This topic has been closed for replies.

2 replies

BKBK
Community Expert
BKBKCommunity Expert
Community Expert
July 16, 2023

Hi @walt , what you're getting are all front-end errors. That is, errors related to Javascript and CSS. They are unrelated to the ColdFusion server at the back-end, as Charlie rightly suggested.

 

From what I can see, clicking on the Donate button is blocked for security reasons. You can get information about the cause of the errors yourself. To do so, proceed as follows:

  1.  Open the page https://globalmissionsnow.org/ in a browser. Press F12 on the keyboard to open Developer Tools.
  2.  Click on the Console tab. You will then see a list of Javascript and CSS errors. An example using Edge browser:

     

     The Donate button is visible in my example. Let's suppose that opening Developer Tools obscures the button in your case. Then you should move the vertical panel-line separating the web-page and the Developer Tools until you are able to see the button. 
  3.  Now, click on the Donate button, and observe what happens in the Console panel. You will see that the following error message appears: "Blocked opening 'https://globalmissions.givingfuel.com/donate' in a new window because the request was made in a sandboxed frame whose 'allow-popups' permission is not set."

     


    That seems to be the reason why clicking on the button fails to open a new page. It is apparently because that event violates the CORS (Cross-Origin Resource Sharing) rules.

    An iFrame seems to be involved. If indeed so, then an iFrame sandbox attribute such as the following might help:
    sandbox="allow-forms allow-modals allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts allow-top-navigation"​

    You should get a Front-End specialist to fix the problem.

 

 

W
waltAuthor
Participant
July 19, 2023

Thanks BKBK,

We unfortunately cannot wait to work on this fix. We have decided to buy and migrate the contents to another site in Godaddy website builder. We dont have the recourses to spend on the Javascript and CSS errors fixes based on the migration from CF2016 to 2021 at the moment. We had the site running for 10+ years in coldfusion.

BKBK
Community Expert
BKBKCommunity Expert
Community Expert
July 19, 2023

@walt , there has actually been a change in the front-end of your homepage. The 'Donate Now' button has been replaced by a link. That further confirms that the problems you were having were unrelated to ColdFusion.

 

 

Charlie Arehart
Community Expert
Charlie ArehartCommunity Expert
Community Expert
July 15, 2023

I'm not aware of any cf change to explain all that. 

 

Did you also put the new cf on a new server? New version of your OS? New web server version? Those may be what introduced the changes.

 

Knowing that, look into the problem WITHOUT respect to cf, and you may find many other explanations online.

 

Or perhaps someone more familiar with the issue(s) may chime in. 

/Charlie (troubleshooter, carehart. org)
W
waltAuthor
Participant
July 19, 2023

Thanks Charlie,

We unfortunately cannot wait to work on this fix. We have decided to buy and migrate the contents to another site in Godaddy website builder. We dont have the recourses to spend on the Javascript and CSS errors fixes based on the migration from CF2016 to 2021 at the moment. We had the site running for 10+ years in coldfusion.

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices