Post by pooja-vishnoi » Sat Sep 09, 2017 8:05 pm

While listing on my opencart store, today i start getting following error

This page isn’t working

Chrome detected unusual code on this page and blocked it to protect your personal information (for example, passwords, phone numbers, and credit cards).
Try visiting the site's homepage.
ERR_BLOCKED_BY_XSS_AUDITOR

Please help me resolve this.

New member

Posts

Joined
Sun Feb 10, 2013 9:58 pm

Post by IP_CAM » Sun Sep 10, 2017 4:49 am


My Github OC Site: https://github.com/IP-CAM
5'600 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.


User avatar
Legendary Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by Chris_UK » Mon Oct 02, 2017 9:15 pm

This isnt a fix its a tempory hack because you do really want to have XSS checks but to get you up and running again you can do the following. Remember temporary hack and you need to keep an eye out for a patch from opencart.

in my version: 2.1.0.2
I opened up admin/view/template/common/header.tpl

on line two after the doctype Add a new line

Code: Select all

<?php header ('X-XSS-Protection: 0'); ?>
This php header tells chromium / chrome (possibly all browsers) to skip the XSS checks across your whole admin area. The reason for this i believe is the text editors within the admin area as they permit html content so when you submit the form it causes chrome to block the content (old versions and block the page in more recent versions)

New member

Posts

Joined
Wed Jan 20, 2016 4:39 am
Who is online

Users browsing this forum: No registered users and 63 guests