Forum Stats

  • 3,782,337 Users
  • 2,254,638 Discussions
  • 7,880,048 Comments

Discussions

Modify page template 'blocked' by Chrome XSS auditor

Scott Wesley
Scott Wesley Member Posts: 6,146 Gold Crown
edited Mar 6, 2019 1:24AM in APEX Discussions

It's been a while since I needed to modify a page template (4000:4307), but it seems now in Chrome 72 if we try, we get the following error on /wwv_flow.accept

This page isn’t working Chrome detected unusual code on this page and blocked it to protect your personal information (for example, passwords, phone numbers, and credit cards).Try visiting the site's homepage.ERR_BLOCKED_BY_XSS_AUDITOR

pastedImage_0.png

If I refresh the page, I receive this

Current version of data in database has changed since user initiated update process.Contact your application administrator.

pastedImage_3.png

Which means that if I just press back, I also see the changes. So the save works, it just displays an error on the page branch.

Firefox 65 does not complain.

It seems maybe there's something that can be done on the APEX engine end (adding X-XSS-Protection:0), as well as the front - but I'm not sure I want to disable the front.

https://www.itsupportguides.com/knowledge-base/google-chrome/google-chrome-how-to-bypass-err_blocked_by_xss_auditor/

This happens on APEX 5.1 & 18.2.

Tagged: