Internet Explorer is denying access to a frame because it is on some other domain

AllanC10
AllanC10
Community Member
edited March 2013 in 1Password 4 for Windows
I have windows 7 in a Bootcamp partition. Windows is kept up to date, as is 1Password, Windows version. (I had the beta box checked on in the 1Password preferences but I turned it off to see if it made any difference to the following problem, which it didn't. Since I had the beta running in the first place, I'll mention the issue here.}
If I'm totally signed out of Google News, 1Password fills in the Google ID and password with no problem. If IE9 (or whatever) has remembered my ID and only presents a password box to be filled in, I eventually get the following message:
Internet explorer is denying access to a <frame> because it is on some other domain.
I usually run IE9 in a Parallels Windows 7 VM. In the VM, I'm always either fully signed in or fully signed out of Google News.
I don't see an IE9 option that only fills in the ID but not the Password and don't know what's filling it in in my Bootcamp version. Anyway, 1Password Windows isn't able to cope with that little window requesting password only

Comments

  • khad
    khad
    1Password Alumni
    edited July 2012
    Hi Allan,

    I moved your post to the Windows forum from the Windows BETA forum since there is not a beta version right now. That "Include Beta versions" box only checks the beta channel for updates. It doesn't do anything to toggle the state of the program you are currently running. Since there is no beta version available right now, you must be running a stable version. :)

    The message that you are seeing is specific to Internet Explorer. IE is preventing something called "cross-domain scripting".

    Essentially, it comes down to this: when the login <form> is inside some <frame> and this <frame> is hosted on some other domain (other than the current domain), then IE does not allow scripting access to that <frame> (and that's why 1Password cannot touch it).

    Whenever this happens, our advice is to use Auto-Type or the 1Password extension in a different web browser such as Chrome, Firefox, or Safari.

    If we can be of further assistance, please let us know. We are always here to help!
  • nastav
    nastav
    Community Member
    I'd like to tag along with this post and report a similar problem. I'm trying to use the browser extension to automatically fill creds at https://www.firsttechfed.com/. From what I can tell, the logon form here is not hosted within a <frame>, and there is no apparent x-domain scripting going on - yet I'm getting this error. I'm on v1.0.9.296.
  • khad
    khad
    1Password Alumni
    Welcome to the forums, nastav! The source code of the First Tech Federal Credit Union home page only shows an iframe for an ad which shouldn't have any effect on 1Password. Likely because of this no error was displayed when I saved and filled a sample Login on that page. Are you looking at a different URL? Do you have some other extension installed which may be modifying the page's contents? Could you post a screenshot? I can't reproduce the issue you describe and can't imagine why it would possibly happen.

    Please let me know if you can fill in some of those details for me. Thanks!
  • nastav
    nastav
    Community Member
    here is a screenshot -

    ve6b1i.png
  • khad
    khad
    1Password Alumni
    That is very puzzling. So far none of us on the team who have tested this have been able to reproduce the problem. Nothing in the page's source code indicates that you should be seeing that message. As I asked above,do you have some other extension installed which may be modifying the page's contents?

    I'm not sure how much difference it should make, but it appears that you may be running a prerelease version of Windows and Internet Explorer. Can you tell me if you have the problem in Windows 7 using Internet Explorer 9?

    Also, does it help if you delete the Login item and create a new one?
  • nastav
    nastav
    Community Member
    Apologies for the late response - this is on Win8 RTM.

    No other extensions installed - this is the only one. I see this behavior across multiple Win8 machines - work, home etc. On Win8, Safari works correctly, whereas Desktop IE10 has this error.
  • khad
    khad
    1Password Alumni
    Unfortunately, we cannot guarantee compatibility with pre-release software (including and especially operating systems). For now I would recommend using Safari (or Firefox or Chrome presuming it works fine there as well). Please let me know if you are having the problem in Windows 7 using Internet Explorer 9.
  • nastav
    nastav
    Community Member
    Khad, this is not a report on pre-release software. Windows 8 is released - perhaps not to the public at large - but it's certainly available in it's final form to most who are interested in it (esp. developers).

    I'm happy to wait until the end of October when Win8 is publicly available along with new PC's in market to bump this thread.
  • khad
    khad
    1Password Alumni
    Windows 8 is pre-release software (i.e. "Release Preview"). Otherwise what is happening on October 26, 2012? :)

    But that is not the main issue. The main issue is that we are not able to reproduce the problem at all, so it can be hard to resolve on our end if there is no problem to resolve in our testing.

    Do you have the problem in the current stable release of Internet Explorer 9 in Windows 7?

    Even if we could reproduce the issue, unless there is a bug in 1Password (which there may be, but we've not established that so far) the cross-domain scripting issue is an issue in Internet Explorer that 1Password has absolutely no control over. It is a product of the website's design and Internet Explorer's security model. 1Password is simply reporting the facts of the situation which neither you nor I can change.

    As I mentioned above: when the login <form> is inside some <frame> and this <frame> is hosted on some other domain (other than the current domain), then IE does not allow scripting access to that <frame> (and that's why 1Password cannot touch it).

    What is odd in this particular case is that it appears to be reporting incorrectly based on our testing and review of the site's code, but there is not anything 1Password can do if Internet Explorer is reporting this incorrectly.

    Whenever this happens, our advice is to use Auto-Type or the 1Password extension in a different web browser such as Chrome, Firefox, or Safari.
  • nastav
    nastav
    Community Member
    What is happening on Oct 26 is the general availability of Win8 - i.e., PC's will be available in retail stores with Win8 preinstalled, Win8 will be available as boxed sets in stores etc. For these to happen, developers, OEM's etc. will need to have Win8 available to them in it's final form for several weeks. The final version has been available since 8/14 url="http://en.wikipedia.org/wiki/Windows_8#Final_version"]http://en.wikipedia.org/wiki/Windows_8#Final_version[/url, which you can get from MSDN evaluation center url="http://msdn.microsoft.com/en-us/evalcenter/jj554510.aspx"]http://msdn.microsoft.com/en-us/evalcenter/jj554510.aspx[/url, or Windows Dev Center url="http://msdn.microsoft.com/en-us/windows/apps/br229516.aspx"]http://msdn.microsoft.com/en-us/windows/apps/br229516.aspx[/url. I don't have any Win7/IE9 boxes to test this on, and if you can't reproduce it with test creds, I'll take your word for it that it's not an issue on Win7. I suppose the question really is why IE10 might be reporting this incorrectly... I think the first step would be for you to be convinced that there is indeed an issue in a released software - so I'll wait until either you have had the opportunity to test 1Password out on Win8 by getting to it now, or post Oct 26 :-)
  • khad
    khad
    1Password Alumni
    We can split hairs all day long about the difference between RTM and actually shipping, but as I think we both agree that really is tangential to the real issue. As I said, we're not able to reproduce this at all. We may be able to get some more user data once Windows 8 actually ships and "regular folks" start using it as well. Until then, it will be hard to do anything to resolve this if it is indeed something we can resolve and not a bug in IE10 (which only seems to show up on your machine).

    Please do let us know if you uncover anything else which may shed some light on the situation.
This discussion has been closed.