Pretty old question, but it's still open- so In case you didn't see this answer already, Mademoiselle Geek is spot-on. A quick double-check on my heroku app verifies that you can, in fact, just type https: instead of http: and it will accept an SSL connection automatically- no set up required. The only thing you do have to set up is in your Facebook.js.coffee- this section.. initializeFacebookSDK = -> FB.init channelUrl : 'http://app.heroku.com/page/fbchannel' Change to.. initializeFacebookSDK = -> FB.init channelUrl : 'https://app.heroku.com/page/fbchannel' Then, depending on your operating system (I use linux) do a quick grep search (or search the text of files within a directory) for http://app.heroku and change it to https, just to be safe.

Check with another constructor for htmlView: ContentType mimeType = new System.Net.Mime.ContentType("text/html"); var htmlView = AlternateView.CreateAlternateViewFromString(bodyMessage, mimeType);

I had a similar error where the JS error was: Blocked a frame with origin "https://www.youtube.com" from accessing a frame with origin "http://www.yourdomain.com". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocol/Protocols must match, YouTube has CORS (Cross Origin Resource Sharing) enabled to allow across domains. Try getting rid of the https:// in your YouTube iframe tag? You could also take a look at your closing iframe tags. Iframe tags are not singleton tags and must end with a </iframe> and not a />.

Turns out that the reason that my button wasn't authenticating without a refresh was beacuse I forgot to close my <script> on my server, even though it was closed in the code in my question. For the error it does seem like you can ignore it (thanks @Ismael Toé).

I'm pretty sure that you can solve this by using http instead of https. Also make sure to empty your cache. In chrome press ctrl+⇧+⌫ or ⌘+⇧+⌫

Solved this a while ago. Assigning the textView's center property instead of its frame solves the problem. CGPoint center = self.smallTextView.view.center; center.x -=20.0; self.smallTextView.center = center; Even still, assigning the textView's frame with a different origin still causes the bug, even in iOS 7. But assigning the center works just fine.

Firstly, I don't believe you should be subclassing a UITableViewController to achieve what you want. A UITableViewController is useful when you know that your view will only contain a UITableView, in my opinion adding anything else to one defeats the purpose. To solve your problem though, in the bottom of your code snippet uncomment out the line where you change the frame of your tableview (assuming self.restOfView is your tableView) and instead of call [self.restOfView reloadData] call: [self.restOfView setNeedsDisplay]; reloadData just calls the tableView data source methods again, setNeedsDisplay redraws the object. I think that will work.

This should do the trick: CGFloat res = CGRectGetMaxY(self.frame); Documentation can be found here. EDIT: according to explanation from rob mayoff (see comments) this is a little more expensive than simply summing origin.y + size.height in code.

It looks like you might need to modify the code below to go over https (function(d){ var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0]; if (d.getElementById(id)) {return;} js = d.createElement('script'); js.id = id; js.async = true; js.src = "https://connect.facebook.net/en_US/all.js"; ref.parentNode.insertBefore(js, ref); }(document)); Also, src="//domain.com will inherit the protocol. You could try: echo '<script src="https://connect.facebook.net/en_US/all.js"></script>';

Can you give more information, what version of IIS server? Try to make some validations to see what is the problem, but for now: You add the reference on your website to library/bin/Release/Recaptcha.dll? Maybe reCaptcha is accesible from the server you deployed to? if the answer is no, you have to add a proxy.

+(CGRect)getUpdatedFrame:(CGRect)frame byChangingCenterTo:(CGPoint)newCenter { float width = frame.size.width; float height = frame.size.height; return CGRectMake(newCenter.x-width/2, newCenter.y-height/2, width, height); } +(CGPoint)centerForRect:(CGRect)rect { return CGPointMake( rect.origin.x+rect.size.width/2 , rect.origin.y+rect.size.height/2 ); }

There is no way to limit the number of characters of Google ReCaptcha. If the user can't find a captacha because it's too messy, too long, he can ask for another captcha, and that's how it works. Moreover, reducing the number of character would just reduce the effectiveness of ReCaptcha. If you really want something easier, you have to look for something else or create your own captcha system.

Well.. That is not an issue with SEOstats. The problem is that Google detected that you send automated requests to it, which is against their Terms of Services! You should be able to "solve" this by getting a fresh IP from your provider (turn router off/on) or sending your requests through proxies. Anyway, you must decrease your request frequency to avoid getting blocked again! See: https://github.com/eyecatchup/SEOstats/issues/33

This would definitely cause blurring as everything is being anti-aliased across two pixels (Note: On a retina screen, you won't see any blurring because each point is actually two pixels so half points technically exist as a single pixel). To fix it you might have to use CGRectIntegral to force the frame to integer bounds. The best way to do that would be: - (NSArray *)layoutAttributesForElementsInRect:(CGRect)rect{ NSArray *attributes = [super layoutAttributesForElementsInRect:rect]; for (NSLayoutAttributes *attribute in attributes){ attribute.frame = CGRectIntegral(attribute.frame); } } You should do the same thing for layoutAttributesForItemAtIndexPath:.

I don't think it is possible observe only the y value of the frame. But instead of observing the frame property you could overwrite the setFrame: method Like this: - (void)setFrame:(CGRect)frame { [super setFrame:frame] if (self.frame.origin.y != frame.origin.y){ // Do your stuff here } }

You remote URL is incorrect, it should be https://github.com/mxcl/homebrew.git (.git postfixed) instead of https://github.com/mxcl/homebrew. You can copypaste URLs from Github UI to prevent such typos.

Once again, I've answered my own question. If you have outlets and/or references to your buttons, you'll want to re-reference your button/label/custom view frames in the scrollViewDidScroll method. In my case, I was trying to line up a custom view frame with a button frame, so the implementation looks like this: - (void)scrollViewDidScroll:(UIScrollView *)scrollView // Enumerate through each object you're looking to reposition and compare them: if(!(CGRectEqualToRect(bsv.frame, btn.frame))) bsv.frame = btn.frame; I hope this will help someone out there.

I used config { baseURL = https://domain.com } and adapted all links which had a http in the beginning (otherwise the slider stopped working because Chrome didn't load the other ressources ...). Seems to work now.

try this.. CGRect newPosition = [theCell convertRect:theCell.frame toView:yourViewController.view]; this will give you position of cell in terms of yourViewController

In my experience, setting X-Frame-Options (XFO) rules works much better than breaking out of iframes. When it comes to rules, it really depends on if you absolutely have to use iframes. If you can remove iframes from your website completely, using the DENY rule would be best; however, if you still have iframes in your site, use the SAMEORIGIN rules. The differences between the available rules are outlined below (quoted from IETF): DENY A browser receiving content with this header MUST NOT display this content in any frame. SAMEORIGIN A browser receiving content with this header MUST NOT display this content in any frame from a page of different origin than the content itself. If a browser or plugin can not reliably determine whether the origin of the

If your site is running on HTTPS, then you need to access the Google Closure Library via HTTPS as well. Try using a protocol-relative link to keep your site's protocol usage consistent with the way it retrieves the Google Closure code. <script src="//closure-library.googlecode.com/svn/trunk/closure/goog/base.js""></script>

I am afraid I do not have the reputation of marking it as a possible duplicate. Hence my only option is to paste the link here. Hope it helps. Unsafe JavaScript attempt to access frame with URL - in the same domain

You can use AJAX to send values using the event onsubmit to the form tag to a page that saves the form values into a session then basically say you had an input with the name of 'FirstName' <form onsubmitup='PreserverValues();'/> then basically you change all inputs to <input type='text' name='FirstName' value='<?php if isset($_SESSION['FirstName']) echo $_SESSION['FirstName']; ?>'/>

Seems a bit strange. Try change <script src="../../common/scripts/jsapi.js" type="text/javascript"> google.load('visualization', '1.0', {'packages':['corechart']}); </script> To <script type="text/javascript" src="https://www.google.com/jsapi"></script> <script type="text/javascript">google.load('visualization', '1.0', {'packages':['corechart']});</script> Then the google object should be loaded correct. Also, you have pasted chart initialization from a google chart-example, chart = new google.visualization.LineChart(document.getElementById('chart_div')); but your only HTML is <div class="PT_Care_vitals_swa_ofcurv_left" onclick="getPatientVitalInfo();"</div> you miss the chart_div id

Just in case someone stumbles upon this: There currently is no way in keeping functions of a contentScript running while JavaScript is disabled. Probably this feature will never be implemented, but who knows. You are still able to execute some code though e.g. DOM Manipulation is still possible, hence the menu I wanted to inject was still displayed.

Your assumption is correct. You need to embedd this script over HTTPS. Yahoo does not offer SSL support on their CDN. Read why. You may use the google CDN: https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/yahoo-dom-event.js

An SSL certificate is not required on the server side. The postback call from Google mirrors back the original transaction data plus an order Id. If you are using the sellerData field, depending on your particular situation, you may consider encrypting that information. Also see this related discussion: Does Google Wallet API for digital goods require an SSL certificate?

I added these two lines of code to break the iFrame and it solved the exception if (top.location!= self.location){ top.location = self.location } this solves the different protocols issue... on with the other bugs...

This is not a definitive answer ... The exception message says this: Could not connect to SMTP host: localhost, port: 25 (java.net.SocketException: Permission denied: Attempt to access a blocked recipient without permission.)) So the transport is attempting to use an SMTP service running on the same machine as the GAE. But the error message seems to indicate that it succeeding in connecting, and the SMTP service refused to accept the email for delivery to any of the recipients. So I would suggest that you do the following: Try it out with a real email addresses not "xxx@example.com" addresses. Check the configurations for your local MTA service (whatever it is) to see if it is configured to relay email to external addresses. Check the MTA log files. There should

Answer by @Dr.Molle: Use the places-library to request places-results on clientside: https://developers.google.com/maps/documentation/javascript/places#place_search_requests

Added the following handler to my app.yaml on app engine and the import now works fine in all browsers. handlers: - url: /fonts static_dir: fonts http_headers: Access-Control-Allow-Origin: "*"

The DirectionsService is subject to a quota and rate limits. You can retrieve multiple routes if you handle the OVER_QUERY_LIMIT case and back off. A couple of examples that do that: http://www.geocodezip.com/v3_directions_multipleWayPts_CustomMrkrsB.html http://www.geocodezip.com/v3_directions_multipleWayPts_CustomMrkrs_busRoute.html

For file://, the thing works differently.. try this as your origin: http://localhost:4567 or try this tutorial: here

Just today I faced the same error as yours, and the solution is in this other question on SO Origin url is not allowed by Access-Control-Allow-Origin with Google Direction API As I saw, you now have to use the Geocoding API to search addresses, even if you have the specific address. Hope this helps

The first error I see is that you're passing strings into new google.maps.LatLng(). You need to give it numbers. Instead of this code: var user_longitude = $("#user-position").attr("data-lng"); var user_latitude = $("#user-position").attr("data-lat"); var currentlatlng = new google.maps.LatLng(user_latitude, user_longitude); use: var $position = $("#user-position"), lat = $position.attr("data-lat"), lng = $position.attr("data-lng"); var currentlatlng = new google.maps.LatLng( +lat, +lng ); Let me take a look through the rest of your code, but that's one thing to fix right away. BTW just as a stylistic suggestion, as you can see I prefer shorter names in localized code like this. Since the data attributes are data-lat and data-lng and the Maps API function is called LatLng

I had this issue and it turned out to be related to content-security-policy. That error is thrown when a script attempts to call eval(). I added unsafe-eval to the header e.g.: content-security-policy: script-src 'unsafe-eval' 'self' https://*.google.com ... If you are using content-security-policy, this might be causing the error. Note: Using unsafe-eval is not ideal from a security perspective! content-security-policy

While the source url and the destination url don't match you will always have this error! You can't do an ajax request from "file:///E:/Project/WebSite/SourceWebsite/test.html", to "http://yourdomain:33219/iSes/Pro/RfsPro.svc/GetPro/", because it's a violation of the Same Origin Policy. http://en.wikipedia.org/wiki/Same-origin_policy You can do an ajax request to the server if and only if the protocol, url and port are the same. If you want to access to : "http://yourdomain:33219/iSes/Pro/RfsPro.svc/GetPro/" You must be at "http://yourdomain:33219/something" I hope I made myself clear.

You have to replace the absolute url http://localhost:8080/login with a relative url like /login. Otherwise, if you don't want to change the url, you can add crossDomain: true to your ajax function which will be the following : var login = function() { $.ajax({ url: "http://localhost:8080/login", type: 'POST', data: { key: "value" }, crossDomain: true; error: function(jqXHR){console.log("Error");} }).done(function(data, textStatus, jqXHR) { console.log(jqXHR.responseText); }); return false; }

Since they are running on different ports, they are different domains. It doesn't matter that they are on the same machine/hostname. You need to enable CORS on the server (localhost:8080). Check out this site: http://enable-cors.org/ All you need to do is add an HTTP header to the server: Access-Control-Allow-Origin: http://localhost:3000 Or, for simplicity: Access-Control-Allow-Origin: *

Does it work on IE10, where CORS is finally supported? If so, your problem is that you need to use XDomainRequest on IE8 and IE9. Also, check to make sure your BOSH, JavaScript, and HTML URLs are all HTTPS or all HTTP, not a mix. IE10 enforces this for same-origin where many other browsers don't.