Posted to user@guacamole.apache.org by purplebadger <do...@eclipticdynamics.co.uk> on 2019/05/17 12:06:10 UTC

Nginx X-Frame-Options causing Chrome "Page Unresponsive error"

Hi,

Guac 1.0.0 running Nginx reverse proxy.

When connected to an RDP session from latest version of Chrome 74.x (and
anecdotally from Safari, version unknown), if you stop moving the mouse a
"This page has become unresponsive - would you like to kill, wait etc"
browser pop up appears, the pop up disappears if you move the mouse, stop
moving the mouse and it reappears - everything else seems to function
normally.

I suspected the Nginx policy may be to blame, I noticed some Developer tools
errors in Chrome relating to X-Frame so I commented out this line in my
Nginx conf:
#add_header X-Frame-Options DENY

This "resolved" the issue but....

Oddly, I do not experience this error in an old version of Chrome 70.x and I
do not experience this issue at all with Firefox.

I notice another post relating to content security policy in Nginx - I
realize that this config is probably out of scope of this support forum but:
Are you able to provide any generic advice setting X-Frame-Options properly?
Are there any other gotchas with Nginx config that can cause "Page
unresponsive errors" within Guac?
Any other nudges towards the correct path of Nginx config you are able to
provide greatly welcomed...

Thanks for everything.






--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org


Re: Nginx X-Frame-Options causing Chrome "Page Unresponsive error"

Posted by Mike Jumper <mj...@apache.org>.
On Fri, May 17, 2019 at 12:39 PM Zer0Cool <me...@gmail.com> wrote:

> For what it's worth, I get the same/similar errors in the dev tools in
> Firefox 66.0.5 but it does not appear to cause any kind of adverse effect
> in Firefox.
>
> Load denied by X-Frame-Options:
> https://mydomain.com/app/element/templates/blank.html does not permit
> framing.
>
> TypeError: g.contentDocument is null [Learn More] onload
> https://mydomain.com/app.js?v=1.0.0:281  app.js:281:384
>
> For me the page unresponsive issue in Chrome is reproducible, but not
> consistently immediate upon ceasing use of the mouse. Sometimes it's the
> second I stop using it, other times it takes 30-60 seconds...in other cases
> it does not seem to happen (at least I am not waiting long enough for it to
> happen). I don't get any such reaction in Firefox.
>
> I am still testing out tweaks and other things to see if I can negate the
> problem.
>

Using "X-Frame-Options: SAMEORIGIN" would be the general solution, as guac
does partly depend on being able to point an iframe/object at itself, at
least for the features noted.

I am curious what would cause that behavior when "DENY" is used. Profiling
things in dev tools may reveal where the cycles are being spent while the
page is unresponsive.

- Mike

Re: Nginx X-Frame-Options causing Chrome "Page Unresponsive error"

Posted by Zer0Cool <me...@gmail.com>.
For what it's worth, I get the same/similar errors in the dev tools in Firefox
66.0.5 but it does not appear to cause any kind of adverse effect in
Firefox.

Load denied by X-Frame-Options:
https://mydomain.com/app/element/templates/blank.html does not permit
framing.

TypeError: g.contentDocument is null [Learn More] onload
https://mydomain.com/app.js?v=1.0.0:281  app.js:281:384

For me the page unresponsive issue in Chrome is reproducible, but not
consistently immediate upon ceasing use of the mouse. Sometimes it's the
second I stop using it, other times it takes 30-60 seconds...in other cases
it does not seem to happen (at least I am not waiting long enough for it to
happen). I don't get any such reaction in Firefox.

I am still testing out tweaks and other things to see if I can negate the
problem.





Re: Nginx X-Frame-Options causing Chrome "Page Unresponsive error"

Posted by Mike Jumper <mj...@apache.org>.
On Fri, May 17, 2019 at 10:59 AM Zer0Cool <me...@gmail.com> wrote:

> I can confirm, at least partially, the behavior. Guac 1.0.0, no prior
> issues, within the last week(s) Chrome has been doing this. Chrome
> confirmed v74.
>
> I currently have x-frame set to deny. I do not use Duo or file xfer.
>
> As mentioned, "SAMEORIGIN" is likely a better setting which I have been
> testing myself along with some other stuff.
>
> Chrome dev tools console shows 2 errors:
>
> Refused to display 'https://mydomain.com/app/element/templates/blank.html'
> in a frame because it set 'X-Frame-Options' to 'deny'.
>
> Uncaught TypeError: Cannot read property 'defaultView' of null
>     at HTMLObjectElement.g.onload (app.js?v=1.0.0:281)
>
>
The blank.html template is used as the contents of the object tag used to
hook into DOM element resize events:

https://github.com/apache/guacamole-client/blob/d1e928bea79ca81c827e9b6adedabc98eefdf701/guacamole/src/main/webapp/app/element/directives/guacResize.js#L49-L54

https://github.com/apache/guacamole-client/blob/d1e928bea79ca81c827e9b6adedabc98eefdf701/guacamole/src/main/webapp/app/element/directives/guacResize.js#L102-L105

That would at least break automatic scaling/resize of the display, perhaps
more if that error stops other parts of the application from running, but I
don't see how that would cause a page unresponsive error.

> The first leads me to believe x-frame is the culprit. The second error could
> just be caused by the first.


It does look like X-Frame-Options is being interpreted by Chrome to block
the object element from loading blank.html. I would have expected Chrome to
block this in older versions, as well, though.

- Mike

Re: Nginx X-Frame-Options causing Chrome "Page Unresponsive error"

Posted by Zer0Cool <me...@gmail.com>.
I can confirm, at least partially, the behavior. Guac 1.0.0, no prior issues,
within the last week(s) Chrome has been doing this. Chrome confirmed v74.

I currently have x-frame set to deny. I do not use Duo or file xfer.

As mentioned, "SAMEORIGIN" is likely a better setting which I have been
testing myself along with some other stuff.

Chrome dev tools console shows 2 errors:

Refused to display 'https://mydomain.com/app/element/templates/blank.html'
in a frame because it set 'X-Frame-Options' to 'deny'.

Uncaught TypeError: Cannot read property 'defaultView' of null
    at HTMLObjectElement.g.onload (app.js?v=1.0.0:281)

The first leads me to believe x-frame is the culprit. The second error could
just be caused by the first.

If I find more info I'll post back.





Re: Nginx X-Frame-Options causing Chrome "Page Unresponsive error"

Posted by Mike Jumper <mj...@apache.org>.
On Fri, May 17, 2019 at 5:06 AM purplebadger <do...@eclipticdynamics.co.uk>
wrote:

> Hi,
>
> Guac 1.0.0 running Nginx reverse proxy.
>
> When connected to an RDP session from latest version of Chrome 74.x (and
> anecdotally from Safari, version unknown), if you stop moving the mouse a
> "This page has become unresponsive - would you like to kill, wait etc"
> browser pop up appears, the pop up disappears if you move the mouse, stop
> moving the mouse and it reappears - everything else seems to function
> normally.
>
> I suspected the Nginx policy may be to blame, I noticed some Developer
> tools errors in Chrome relating to X-Frame so I commented out this line in my
> Nginx conf:
> #add_header X-Frame-Options DENY
>
> This "resolved" the issue but....
>
>
Page unresponsive messages from the browser indicate that JavaScript on the
page is taking too long to run. As the "X-Frame-Options" header serves only
to block usage of iframes in specific contexts, I don't see how the
presence of "X-Frame-Options" could possibly lead to "page unresponsive".
It also doesn't make sense that moving the mouse would have any effect, as
the nature of "page unresponsive" is that JavaScript is taking so long that
events cannot be processed, including mouse events.

There are only two places in the codebase where an iframe is used:

1) Duo authentication
2) Inbound file transfer (from server to client)

Neither of the above would lead to "page unresponsive" if usage of iframe
were unavailable.

> Oddly, I do not experience this error in an old version of Chrome 70.x and I
> do not experience this issue at all with Firefox.
>

My Chromebook is running Chrome 74; no issues.


> I notice another post relating to content security policy in Nginx - I
> realize that this config is probably out of scope of this support forum
> but:
> Are you able to provide any generic advice setting X-Frame-Options
> properly?
>

You can freely set "X-Frame-Options". I'd recommend "SAMEORIGIN" rather
than "DENY", so that inbound file transfer will not be blocked, but no
value will result in an unresponsive application. As noted in the thread
you reference, I have "X-Frame-Options" set as we speak.

> Are there any other gotchas with Nginx config that can cause "Page
> unresponsive errors" within Guac?
>

There are no known issues which would cause the behavior you're seeing,
including "X-Frame-Options".

- Mike
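
To illustrate why `SAMEORIGIN` keeps the self-embedded `blank.html` loading while `DENY` blocks it, here is an added example (not from the thread or the Guacamole code base) that evaluates framing headers the way browsers do, in simplified form. The function name `framingAllowed`, the result shape and the sample headers are assumptions made for this example.

```javascript
// Added example, not Guacamole or Nginx code: a simplified model of how a
// browser decides whether `embedderUrl` may frame a response.
function framingAllowed(headers, resourceUrl, embedderUrl) {
  const resourceOrigin = new URL(resourceUrl).origin;
  const embedderOrigin = new URL(embedderUrl).origin;
  const values = (name) =>
    Object.entries(headers)
      .filter(([k]) => k.toLowerCase() === name)
      .flatMap(([, v]) => [].concat(v));

  // 1. A CSP frame-ancestors directive, if present, replaces X-Frame-Options.
  let sawFrameAncestors = false;
  for (const policy of values('content-security-policy').flatMap((v) => v.split(','))) {
    for (const directive of policy.split(';')) {
      const [name, ...sources] = directive.trim().split(/\s+/);
      if (name.toLowerCase() !== 'frame-ancestors') continue;
      sawFrameAncestors = true;
      const ok = sources.some((s) =>
        s === '*' ||
        (s.toLowerCase() === "'self'" && embedderOrigin === resourceOrigin) ||
        s === embedderOrigin); // only exact origins are modelled, no wildcards
      if (!ok) return { allowed: false, reason: 'CSP frame-ancestors' };
    }
  }
  if (sawFrameAncestors) return { allowed: true, reason: 'CSP frame-ancestors' };

  // 2. X-Frame-Options: gather every value from every header line.
  const xfo = new Set(values('x-frame-options')
    .flatMap((v) => v.split(',')).map((v) => v.trim().toLowerCase()).filter(Boolean));
  if (xfo.size === 0) return { allowed: true, reason: 'no framing policy' };
  if (xfo.size > 1) {
    // Conflicting recognised values (e.g. set at two layers) block the load.
    const conflict = ['deny', 'sameorigin', 'allowall'].some((k) => xfo.has(k));
    return { allowed: !conflict, reason: conflict ? 'conflicting X-Frame-Options' : 'invalid X-Frame-Options ignored' };
  }
  const [only] = xfo;
  if (only === 'deny') return { allowed: false, reason: 'X-Frame-Options: deny' };
  if (only === 'sameorigin') {
    // Simplification: only the direct embedder is checked, not every ancestor.
    return { allowed: embedderOrigin === resourceOrigin, reason: 'X-Frame-Options: sameorigin' };
  }
  return { allowed: true, reason: 'unrecognised X-Frame-Options ignored' };
}

// Constructed sample mirroring the thread: the app embedding its own blank.html.
const BLANK = 'https://mydomain.com/app/element/templates/blank.html';
const APP = 'https://mydomain.com/';
for (const value of ['DENY', 'SAMEORIGIN'])
  console.log(value, framingAllowed({ 'X-Frame-Options': value }, BLANK, APP));
```

In Nginx, the setting recommended in the thread is `add_header X-Frame-Options SAMEORIGIN;` in place of the `DENY` line.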