Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Marketplace Reviews no longer shown #18740

Closed
tsteur opened this issue Feb 4, 2022 · 2 comments
Closed

Marketplace Reviews no longer shown #18740

tsteur opened this issue Feb 4, 2022 · 2 comments
Labels
Bug For errors / faults / flaws / inconsistencies etc. not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Milestone
4.8.0

Comments

@tsteur
Copy link
Member

tsteur commented Feb 4, 2022

follow up from https://github.com/matomo-org/matomo/pull/18215/files

image

It's not allowing shop.matomo.org to be opened in an iframe.

To reproduce go to Marketplace, then click on a premium feature, then click on Reviews tab
@tsteur tsteur added Bug For errors / faults / flaws / inconsistencies etc. Regression Indicates a feature used to work in a certain way but it no longer does even though it should. labels Feb 4, 2022
@tsteur tsteur added this to the 4.8.0 milestone Feb 4, 2022
@sgiehl
Copy link
Member

sgiehl commented Feb 4, 2022

@tsteur According to the browsers message the problem actually is, that shop.matomo.org only allows to be framed by plugins.matomo.org by sending the csp header: frame-ancestors https://plugins.matomo.org;. I guess we would actually need to allow any source, as it might be opened by any matomo instance.

In addition it might also be needed to add frame-src: *.matomo.org within Matomo, but we can check that once the issue above is solved.

@tsteur
Copy link
Member Author

tsteur commented Feb 8, 2022

👍 thanks for this. created an internal issue

@tsteur tsteur closed this as completed Feb 8, 2022
@tsteur tsteur added not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org. and removed Regression Indicates a feature used to work in a certain way but it no longer does even though it should. labels Feb 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug For errors / faults / flaws / inconsistencies etc. not-in-changelog For issues or pull requests that should not be included in our release changelog on matomo.org.
Projects
None yet
Milestone
4.8.0
Development

No branches or pull requests
2 participants
@tsteur @sgiehl