Chrome Browser Connection Refused [Update Chrome to fix this]
Comments
-
Thank you for the explanation MikeT. Now we know what to look for if this happens again. Unfortunately, Chrome doesn't make it obvious when an update is available. (That I could see anyway.)
0 -
Updating Chrome fixed mine too.
As a clue to why this might have started happening, Windows just updated my desktop to Windows AU last night.
0 -
Hi guys,
Great to hear that, thanks for letting us know.
Unfortunately, Chrome doesn't make it obvious when an update is available.
That's part of the reason why we dislike silent updates and will not do this to 1Password.
As a clue to why this might have started happening, Windows just updated my desktop to Windows AU last night.
Hooray, I'm glad you finally got the AU installed. Hopefully, it sticks this time.
We think it may be just a coincidence but a lot of the affected users said both Windows and Chrome updates were installed at the same time, so this may have been a combination of everything.
0 -
Hi @looganh,
Thanks for writing in, I've merged your thread into this related thread. I'm glad you got it running by updating Chrome, which was the issue.
You can see my earlier comment about why this happened.
0 -
It wasn't us that found the fix, our customers here figured it out by updating Chrome first and letting us know. So, thanks to our awesome community here, we do love you guys.
0 -
I started to get this error on my work laptop after rebooting this morning. Everything was working yesterday.
Unfortunately, I do not have access to update Chrome since it is managed by corporate IT. I will send my diagnostic report to the team as well.
OS: Windows 7 Professional, SP1
Chrome: 52.0.2743.82 m
1P Extension: Beta 4.6.3.1
1Password Beta: 6.2.3280 -
Ouch. We haven't changed anything with 1Password, so it should still recognize Chrome's code signature — even an outdated version. The problem is that when there's an update pending, it invalidates the signature temporarily until the update is complete. You shouldn't have to reinstall it typically, but that may be necessary if it's damaged.
0 -
I've replied to your email, let's keep the conversation there because your issue may not be related here.
0 -
Hello,
I'm having the same problem. However, it just started happening in the past 3 days. When I restart my computer or start chrome it says "Browser connection refused - 1Password refused connection from untrusted source, check logs for details". I use McAfee for AV, but I always have and this hasn't been an issue before.
Thanks,
Eric0 -
This discussion was created from comments split from: Browser Extension with Windows 10.0
-
Hi @emandell,
Thanks for writing in. I've split your post from the other thread because your issue is not related to the AV but rather the expired Chrome certificate.
You most likely have a pending Chrome update ready to be installed. Please open Chrome, click on Settings (3 dots) on top right to select Settings and then About on the left sidebar. Let it finish installing and then restart Chrome, 1Password will then work.
0 -
I am running into pretty much the same issue where browser connection is refused.
Chrome Version: 56.0.2924.87
Extn Version: 4.6.3.90
Windows 7 64 bit.
There are two refused connecction attempts:
1. Kaspersky AV
2. Dropbox.0 -
I am running into pretty much the same issue where browser connection is refused.
Chrome Version: 56.0.2924.87
Extn Version: 4.6.3.90Windows 7 64 bit.
There are two refused connecction attempts:
1. Kaspersky AV2. Dropbox.
Errors from Event Viewer:
1. AgileBits.OnePassword.Browsers.WebSocketClientsWhitelist
Refusing helper connection from "{browserProcessFileName}" from port {port} and origin {origin}, because of request coming from another terminal session.
2. AgileBits.OnePassword.Browsers.WebSocketBrowserListener
WebSocketSharp.WebSocketException: The header of a frame cannot be read from the stream.
at WebSocketSharp.WebSocketFrame.processHeader(Byte[] header)
at WebSocketSharp.WebSocketFrame.<>c__DisplayClassa.b__9(Byte[] bytes)
at WebSocketSharp.Ext.<>c__DisplayClass9.b__8(IAsyncResult ar)0 -
Thanks for writing in about this.
I can see a couple of reasons for the issue. The refused connection attempt from Dropbox is a bit strange but I think we can ignore it for now.
Which version of Kaspersky anti-malware software are you using? Kaspersky Endpoint Security 10 by any chance? I'm asking because of this line in the log:
Refusing helper connection from "{browserProcessFileName}" from port {port} and origin {origin}, because of request coming from another terminal session.
This error is not related to a blockage by anti-malware software but rather because you seem to be using 1Password in a terminal server environment. This would suggest you're in a corporate or institutional network where endpoint security products like KES10 are used.
Cheers,
Alex
0 -
Hello Alex, Yes I am in a corporate network and we have KES10 which we cannot disable. My work just replaced my old computer with a new one. What surprises me is, 1Password works fine in my old computer (which I still have for a few more days for data transfer) in same environment, Win7 64 bit, KES10, 1Password 6.3.359d. I would like to get 1Password working on my new computer, before I give away my old one.
0 -
Are there more people in your company using 1Password on a corporate machine?
Is anything other than the extension not working as well?Kaspersky Endpoint Security 10 is the most likely culprit. Sometimes, if not set up properly, it will reroute network traffic happening at the localhost IP address 127.0.0.1 through the KES10 servers for scanning, causing 1Password to prevent a connection between the 1Password browser extension and the app itself.
Unfortunately, we've heard of cases where this would happen suddenly. KES10 can be a fickle beast.
I'm still thinking that you might be dealing with a Terminal Server issue here, meaning that more than 10 people on the network attempt to use the 1Password browser extension on their machines at one moment. In this case, because 1Password can only open 10 concurrent ports at 127.0.0.1, the connection can't be established.
If that's the case then we have good news in the form of a new communication protocol that will fix this type of issue very soon.
Cheers,
Alex
0 -
I am not sure how many people use 1Password on corporate machines or network. Other components of 1Password(window APP) works fine. I have tried using the browser extn at really late in the night, when I expect nobody at work and even then it failed connection. So I am not sure if its the 10 concurrent ports issue.
1. Is there something I can do to prevernt KES10 from rerouting the traffic?
2. I will need to return my older computer in a day or two. What can I do to make this work on my new machine?0 -
You make a good point.
If I'm not mistaken, you are using a 1Password.com account, so you won't have to worry about migrating your 1Password data over to the new machine. Just make sure that you have your Emergency Kit printed out and stored in a safe place, so that you can sign in to your account in 1Password 6 on the new machine.
If you're using a local 1Password vault (.agilekeychain, .opvault) besides that, please make sure to move it to the new machine, too.
These would be the most important things to do. With your data on the new machine, we can tackle getting it to work in the browser.
Your testing of 1Password when few users might be logged into the network to reduce the probability of a Terminal Server IP issue was very smart. Let's assume this is not the problem and focus on Kaspersky Endpoint Security 10 for now.
In our experience the most successful course of action would be to talk to your IT department and ask them to configure KES10 on your machine/your user account so it doesn't attempt to reroute HTTP communication at the localhost IP address 127.0.0.1 through the KES10 servers on your network. We've had reports of this fixing the issue for users.
If this doesn't work or your IT department can't make this type of exception, I'll have to ask you to wait. We're working on introducing a new way of having the 1Password app and the 1Password browser extension communicate with each other that will make this sort of problem a thing of the past.
Cheers,
Alex
0 -
OK Team. After playing with KES10 for a little bit, couldnt figure out how to get around this problem. I also updated my 1Password to 6.4. Even then I was running into:
1. AgileBits.OnePassword.Browsers.WebSocketClientsWhitelist Refusing helper connection from "2656" from port 50361 and origin chrome-extension://aomjjhallfgjeglblehebfpbcfeobpgk, because of request coming from another terminal session.- AgileBits.OnePassword.Browsers.WebSocketBrowserListener
WebSocketSharp.WebSocketException: The header of a frame cannot be read from the stream. at WebSocketSharp.WebSocketFrame.processHeader(Byte[] header) at WebSocketSharp.WebSocketFrame.<>c__DisplayClassa.b__9(Byte[] bytes) at WebSocketSharp.Ext. <>c__DisplayClass9.b__8(IAsyncResult ar)
Finally, the workaround: The old school way, I had to kill the avp process and let 1Password Extn connect to the helper. And then started my avp process back. This seems to have done the trick. I am not sure if this is THE permanent solution, but works for now.
Any comments suggestions from 1Password team or anyone to avoid future issues? Can 1Password consider this scenario in future developement cycles?
0 - AgileBits.OnePassword.Browsers.WebSocketBrowserListener
-
OK Team, after playing (with ITs help) with KES10 for little bit, I was unable to get around this problem. I also updated my 1Password to 6.4 and problem persisted. The errors were:
1. AgileBits.OnePassword.Browsers.WebSocketClientsWhitelist
Refusing helper connection from "2656" from port 50181 and origin chrome-extension://aomjjhallfgjeglblehebfpbcfeobpgk, because of request coming from another terminal session.- AgileBits.OnePassword.Browsers.WebSocketBrowserListener
WebSocketSharp.WebSocketException: The header of a frame cannot be read from the stream.
at WebSocketSharp.WebSocketFrame.processHeader(Byte[] header)
at WebSocketSharp.WebSocketFrame.<>c__DisplayClassa.b__9(Byte[] bytes)
at WebSocketSharp.Ext.<>c__DisplayClass9.b__8(IAsyncResult ar)
So the workaround is: The old fashioned way, kill the avp process, let 1Password extn connect to the helper. Restart avp process and for now its works fine. But I am not sure if this is the permanent solution.
1Password can you comment/suggest? Can you guys consider this scenario in future development cycles?0 - AgileBits.OnePassword.Browsers.WebSocketBrowserListener
-
Hi @Viswa2503,
The old fashioned way, kill the avp process, let 1Password extn connect to the helper. Restart avp process and for now its works fine. But I am not sure if this is the permanent solution.
That is the only workaround for now if you can't get KES10 to exclude your 1Password extensions on the localhost ports, we simply cannot allow anyone to interject themselves into our encrypted 1Password traffic. The good news, it will not be a permanent workaround for you. We're working on a brand new method of browser integration and if it works out, will bypass all of this and KES10 won't be an issue anymore.
Would you guys be willing to help us test this on your server when we're close to finishing it?
0 -
Yes I would be more than happy to Test the new integration method. FYI, We dont have Sophos, instead we have KES10 in corporate env.
0 -
Hi @Viswa2503,
Sorry about the mixup, I've corrected my post, it's the same for both. Is your email address up to date in your forum profile or can you email us at support+windows@agilebits.com, so we can talk about the new integration support.
0 -
Sent an email to support+windows@agilebits.com
0