Chrome behaving badly - Help

PeteM · January 13, 2020, 1:21pm

For months my Chrome installations (on different machines) have been working fine with my Webflow website.
I use a 3rd party plugin and if publishing from Webflow would always have to “allow” unsafe script - this is fine.
However, suddenly this option is no longer available - and therefore I cannot test these “unsafe” scripts - the strange thing is, even when I export the code and upload to the domain - the scripts still do not run and the option is not there…this DOES work in Internet Explorer and the 3rd party script itself works fine.

So does anyone know of an update to Chrome that would have stopped this from working?
(I work in software support so am not a IT newbie) - I cannot find any reference to this suddenly being deactivated.

Totally confused
Pete

webdev · January 14, 2020, 7:10pm

Which plugin or is it an extension to Chrome?

PeteM · January 15, 2020, 7:23am

It’s neither it’s a javascript from codecanyon. It worked fine up until last week. Now it seems Chrome has changed and if published from WF because there is no option to allow unsafe JS anymore it doesn’t work.

PeteM · January 15, 2020, 9:15am

I’ve checked again - and the site uploaded to the domain outside of Webflow works fine - http://plan-it-web.co.uk/OnTrial/music.html
However publishing and viewing from within Webflow no longer works https://ontrialuk.webflow.io/music - this is because Chrome no longer prompts to show unsafe scripts - at least it does not on the 4 different systems I have tried. This was working fine before Christmas. Probably not a WF issue as such but is really annoying. Note this works in IE.

pietrofalco · January 15, 2020, 9:25am

This is not a missbehaviour, and it’s not Google fault either, firefox and safari will block the scripts the same: Mixed content - Web security | MDN. Mixed content are blocked by default on all modern browsers, Firefox blocked them since version 23, Safari since version 9. Chrome since version 79 will no longer ask to unblock mixed contents. This is not a bad behaviour, this is a security protection. You can’t load unsecure resources from a secure context

PeteM · January 15, 2020, 10:37am

Can you explain why it works outside of webflow then?..surely if “mixed content” was being blocked it should not work at all.

pietrofalco · January 15, 2020, 10:45am

because in the other link you are in an insecure context, there is no mixing content, because all is insecure.

pietrofalco · January 15, 2020, 10:49am

Basically if your server has SSL certificate, all resources inside must be served from a server with an SSL certificate as well. Since in the second link you have no SSL certificate you don’t need to serve resources using https protocol

PeteM · January 15, 2020, 10:49am

Apologies - I have since found https://www.howtogeek.com/443032/what-is-mixed-content-and-why-is-chrome-blocking-it/ - and have found a way to override this - which is what I need for this particular site.

pietrofalco · January 15, 2020, 10:52am

The only way to override this issue is to serve the script using https. No other way around

PeteM · January 15, 2020, 1:09pm

Nope - I have changed the settings as per the article

“You’ll have to click the lock icon to the left of the page’s address, click “Site Settings,” and then unblock mixed content for that site.”

and it works fine. The site will be using http so it’s all good now.

Topic		Replies	Views
Trouble implementing Javascript from codepen Custom code	7	1543	January 15, 2020
Dynamic slider doesn't work on https Custom code	11	4864	July 21, 2017
External HubSpot Javascript Blocked by Webflow General	3	1219	January 25, 2020
URGENT - JS not working for no reason. Native anchor links are not working General	14	2029	July 25, 2020
Fullpage.js page scroll not working on live website Custom code	11	3005	August 17, 2018

Chrome behaving badly - Help

Related topics