Google +登录按钮被禁止的框架 [英] Google + SignIn Button Blocked Frame

问题描述

我一直在尝试使用Google + SignIn构建一种 Hello World 项目。我遵循教程 https://developers.google.com/+/web/signin/ ，我的代码如下：

  ... 
< script> 
函数signinCallback（authResult）{
 //location.reload（）; 
 // var x = 0 
 // while（x = 0）{
 if（authResult ['access_token']）{
 //成功授权
 / /隐藏登录按钮，现在该用户已被授权，例如：
 document.getElementById（'signinButton'）。setAttribute（'style'，'display：none'）; 
 //document.getElementById(\"secret\").innerHTML =（< a href =secret.html>< p>超级秘密页面的非显眼链接< / p>< A>中）; 
 //警报（IT WORKED）; 
 document.getElementById（secret）。innerHTML =（不显眼的链接到超级秘密页面）; 
 document.getElementById（game）。innerHTML =（超级秘密游戏页面的非显眼链接）; 
 document.getElementById（'refresh'）。setAttribute（'style'，'display：none'）; 
 //警报（请刷新）; 
} else if（authResult ['error']）{
 //出现错误。 
 //可能的错误代码：
 //access_denied - 用户拒绝访问您的应用程序
 //immediate_failed - 无法自动登录用户
 console.log （'AuthERROR：'+ authResult ['error']）; 
 // alert（错误：一队训练不良的机器人已经派出来处理这种情况，如果他们出现了，告诉他们''+ authResult ['error'] +'）; 
} 
} 
< / script> 
 ... 
< span id =signinButton> 
  class =g-signin
 data-callback =signinCallback
 data-clientid =客户端ID
 data-cookiepolicy = single_host_origin
 data-requestvisibleactions =http://schemas.google.com/AddActivity
 data-scope =https://www.googleapis.com/auth/plus.login
 data-width =wide
 data-theme =light> 
< / span> 
 ... 
< a href =secret.html>< p id =secret>< / p>< / a> 
 ... 
  

当我在Google Chrome中运行代码时（版本29.0.1547.18 dev -m），我得到这个错误：

 阻止了源于https://accounts.google.com的框架访问源自https://apis.google.com的框架。协议，域和端口必须匹配。 
  

我的signinCallback函数中的代码在页面的第一次加载时被调用，但是当按钮用于登录。代码不会在页面重新加载之前执行。

但是，这个问题在Firefox中不会发生，所以它似乎是一个错误与Chrome分离。我还没有测试任何其他浏览器。

是否有解决此问题的方法？

谢谢！ / p>

解决方案

原因是我的按钮没有刷新而无法进行身份验证，因为我忘记关闭我的< script> ，尽管它在我的问题的代码中被关闭了。

就像你可以忽略它一样（感谢 @IsmaelToé）。

I have been trying to build a kind of Hello World project using Google + SignIn. I followed the tutorial at https://developers.google.com/+/web/signin/, with my (excerpted) code being:

...
<script>
        function signinCallback(authResult) {
        //location.reload();
        //var x = 0
        //while(x=0){
            if (authResult['access_token']) {
                // Successfully authorized
                 // Hide the sign-in button now that the user is authorized, for example:
                 document.getElementById('signinButton').setAttribute('style', 'display: none');
                //document.getElementById("secret").innerHTML = ("<a href="secret.html"><p>Non-Conspicuous Link to Super Secret Page</p></a>");
                //alert("IT WORKED");
                document.getElementById("secret").innerHTML=("Non-Conspicuous Link to Super Secret Page");
                document.getElementById("game").innerHTML=("Non-Conspicuous Link to Super Secret Game Page");
                document.getElementById('refresh').setAttribute('style', 'display: none');
                //alert("Please Refresh");
                 } else if (authResult['error']) {
                 // There was an error.
                 // Possible error codes:
                 //   "access_denied" - User denied access to your app
                 //   "immediate_failed" - Could not automatically log in the user
                 console.log('AuthERROR: ' + authResult['error']);
                //alert("ERROR: A team of poorly trained robots has been dispatched to handle the situation. If they arive, tell them '" + authResult['error'] + "'");
              }
            }
        </script>
...
<span id="signinButton">
        <span 
            class="g-signin"
            data-callback="signinCallback"
            data-clientid="CLIENT ID"
            data-cookiepolicy="single_host_origin"
            data-requestvisibleactions="http://schemas.google.com/AddActivity"
            data-scope="https://www.googleapis.com/auth/plus.login"
            data-width="wide"
            data-theme="light">
        </span>
...
<a href="secret.html"><p id="secret"></p></a>
...

When I run the code in Google Chrome (Version 29.0.1547.18 dev-m), I get this error:

Blocked a frame with origin "https://accounts.google.com" from accessing a frame with origin "https://apis.google.com". Protocols, domains, and ports must match.

The code in my signinCallback function is called on the page's first load, but doesn't run when the button is used for sign in. The code isn't executed until the page is reloaded.

However, this issue does not occur in Firefox, so it seems to be an error isolated to Chrome. I have not yet tested any other browsers.

Is there anyway to solve this issue?

Thanks!

解决方案

Turns out that the reason that my button wasn't authenticating without a refresh was beacuse I forgot to close my <script> on my server, even though it was closed in the code in my question.

For the error it does seem like you can ignore it (thanks @Ismael Toé).

这篇关于Google +登录按钮被禁止的框架的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！