Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.I've got a JS error when uploading a new file within the Media Browser on a site where node edit page is using https. This problem goes away when I update the securepages config to remove node/*/edit and node/add/* from the list of secure pages. However I thought I should report it here.
The error I got caused the modal to remain open after I have saved the newly added file. The modal ends with a screen saying 'Document test.txt has been updated.' and remains open, hence I am unable to continue editing the node.
The JS error is:
Error: Permission denied to access property 'document'
Occuring in media.browser.edit.js
on the line:
var $iframe = $('iframe.media-modal-frame', parent.window.document);
It seems it is probably hardcoded in the JS to use http, where it should probably use //. I haven't had a chance to look into this deeper yet.
Thanks.
Comments
Comment #1
gmclelland CreditAttribution: gmclelland commentedNot sure, but maybe this is related #1833742: Submit button does not work in Media Browser when selecting media
see http://drupal.org/node/1833742#comment-7030100
Comment #2
victoriachan CreditAttribution: victoriachan commentedHi,
Thanks for checking. Yes it is related to the issue in that comment (the part about SSL, not the large file icon).
As I've mentioned, I did work around this by disabling securepages on the node edit page. Before that I have already disabled securepages on media/* pages, but that didn't help. It was only when I disabled it on node/*/edit and node/add/* that fixed it.
Oh, I forgot to mention that it was all working fine when I was using 7.x-2.x-unstable3 (and had SSL disabled on media/*), but this problem only came up after I updated to 7.x-2.x-unstable7.
Thanks,
Victoria
Comment #3
ohthehugemanatee CreditAttribution: ohthehugemanatee commentedNoting that I've encountered this problem, too. My whole site is behind SSL, with securepages redirecting everything to a separate, SSL subdomain. Interestingly, the error indicates that it's correctly applying the subdomain... but not correctly applying the protocol.
Chrome's debug pane explains it best:
I'm not clear on where it's getting HTTP from here. The iframe is opened with a relative URL, and the submit handler redirects are also relative URLs. All the JS includes in media.module are relative URLs. Is this possibly a problem with ctools modal?
Somewhere, someone is assuming HTTP.
Comment #4
ohthehugemanatee CreditAttribution: ohthehugemanatee commentedEDIT: The issue appears to be that securepages tries to redirect back to HTTP. If I disable "Switch back to http pages when there are no matches" in Securepages, and make sure the whole process is behind HTTPS, it works fine.
Comment #5
Jaggi CreditAttribution: Jaggi commentedA better solution is just go to the secure pages config area and under pages add:
media/*
this fixed all the issues for me and keeps everything secure.
Comment #6
ohthehugemanatee CreditAttribution: ohthehugemanatee commented@Jaggi I just ran into this problem again, and that didn't fix the issues for me. I have extra complications on this site with multilingual paths though, so this needs more testing. The easiest solution IMO is just to make a broader blanket rule that ensures the whole process is in HTTPS. In this case I just set all authenticated users to remain in HTTPS.
Comment #7
rleija CreditAttribution: rleija commented@Jaggi solution worked for me
Comment #8
Chris Matthews CreditAttribution: Chris Matthews as a volunteer commentedClosing this issue as outdated. However, if you think this issue is still important, please let us know and we will gladly re-open it for review.
sincerely,
- the Drupal Media Team