Hi There,
It looks like the DocumentManager and ImageManager (part of the RadEditor) are not working at all when using Internet Explorer.
The page says "This content cannot be displayed in a frame" and in the IE Developer Console I see the error "SCRIPT5: Access is denied. Telerik.Web.UI.WebResource.axd (16532,28)"
I have attached an image showing what I see.
I have done some looking around and it seems like this issue was supposed to have been fixed since ASP.NET 3.5 was released. We are targeting .NET 4.6.1
Our Telerik DLL version are a bit out of date but we are no longer paying for the product so cannot get the latest versions. We are currently on version 2014.2.618.45.
Below is the the simple code I have on a ASP.Net WebForm that we have the editor on. When I view this editor in IE I get the error described above and shown in the attached screenshot.
Test.aspx
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="test.aspx.cs" Inherits="Test_test" %><!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml"><head runat="server"> <title></title></head><body> <form id="form1" runat="server"> <telerik:RadScriptManager ID="ScriptManager" runat="server" EnableTheming="True"> </telerik:RadScriptManager> <div> <telerik:RadEditor runat="server" ID="RadEditor1" > </telerik:RadEditor> </div> </form></body></html>
Test.aspx.cs
using System;public partial class Test_test : System.Web.UI.Page{ protected void Page_Load(object sender, EventArgs e) { }}Thanks in advance.
4 Answers, 1 is accepted
Hi Graham,
You can prevent this frame issue by setting the HTTP header "X-Frame-Options" to sameorigin OR allow-from uri of the production web site on live.
When the value is set to sameorigin, the page can only be displayed in a frame on the same origin as the page itself.
When it is set to allow-from <URL of the production site>, the page can only be displayed in a frame on the specified origin.
Both options are suitable and recommended.
To configure IIS to send the X-Frame-Options header, add this to your site's Web.config file:
<system.webServer> ... <httpProtocol> <customHeaders> <add name="X-Frame-Options" value="sameorigin" /> </customHeaders> </httpProtocol> ...</system.webServer>Only the deny setting can cause troubles. If you set the X-Frame-Options to deny, the page will be not displayed in a frame, regardless of the site attempting to do so. This will affect RadEditor File Browser dialogs, RadWindow when its NavigationUrl is set and also RadTabStrip and RadSplitter, because in this scenarios their contents are loaded in an iframe. The deny option will prevent the content loading in the iframe.
The deny option will prevent RadEditor to load the contents of its iframe based dialogs like the Image Manager, Document Manager and other, you have to configure the control to use the standard browser dialogs by setting editor.set_useClassicDialogs(true); , e.g.
<script type="text/javascript"> function OnClientLoad(editor) { editor.set_useClassicDialogs(true); } </script> <telerik:RadEditor ID="RadEditor1" OnClientLoad="OnClientLoad" runat="server"></telerik:RadEditor>You can find more information at https://www.telerik.com/support/kb/aspnet-ajax/editor/details/using-browser-modal-dialog-instead-of-radwindow.
Best Regards,
Rumen
Progress Telerik
Rank 1
Hi Rumen,
Thank you for the informative reply.
Using the Script to use the standard browser dialogs does work, however this is our the preferred approach.
I have tried using the following three X-Frame-Options header values and all three of them result in the same behaviour.
X-Frame-Options: sameorigin
X-Frame-Options: allow-from events.eply.com
X-Frame-Options: allow-from https://events.eply.com
I have attached another screenshot showing this.
Thanks again.
Rank 1
Hi Rumen,
There was a typo in my previous reply. I meant to say "however this is not our preferred approach"
Hi,
If the problem is due to the X-Frame-Options and no one of the available options works for you, the solutions are:
- to use the browser window (editor.set_useClassicDialogs(true);) since it does not use frames
- or the light dialogs - Insert Image, Insert Link, Insert Table Light - https://demos.telerik.com/aspnet-ajax/editor/examples/built-in-dialogs/defaultcs.aspx.
Regards,
Rumen
Progress Telerik