Tweet embed fails in sandboxed iframe


#1

Hi,

this is a Bug Report. Sorry if this is the wrong spot but i can’t find any information howto report non-security bugs.
Or maybe someone can suggest a solution?

When embeding a tweet inside an iframe with sandbox=“allow-scripts” the following error appear:

widget_iframe.049716a23792bca881820db70e17250b.html?origin=…&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings:12 Failed to execute ‘postMessage’ on ‘DOMWindow’: The target origin provided (‘http://example.com’) does not match the recipient window’s origin (‘null’).

Code:

<!doctype html>

Embed Bug

iframe.html:

<!doctype html>

Embed Bug

It's true. RT @TechCrunch: Code buried in Instagram’s Android app reveals a “Usage Insights” feature that will show users their “time spent” https://t.co/1Lt3DgIFEj

— Kevin S. (@kevin) 16. Mai 2018

#2

Hi there!

Can you please provide a the code you are embedding so I can try to reproduce? Pasting here or linking a JSFiddle would be great.

Thanks,
Kat


#3

Seems like the forum has delete my demo code - and i can’t use the above account to post a new message ???

Nevertheless here a example:

Demo


#4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.