WordPress.org

Ready to get started?Download WordPress

Forums

Share Buttons by AddToAny
[resolved] [Plugin: AddToAny: Share/Bookmark/Email Button] [Plugin: AddToAny] Clickjacking (7 posts)

  1. MyrddinDE
    Member
    Posted 3 years ago #

    Hello,

    Found AddToAny because I wanted to add Tweet and Facebook buttons to a Site. However when I use it on for example http://www.darrensaines.no/velkommen-til-darren-saines-hagedesign/ I get a clickjacking warning. Is that normal?

    kind regards,

    Michael

  2. micropat
    Member
    Plugin Author

    Posted 3 years ago #

    Hi Michael,

    No, that is not normal, and of course it is a false-alarm.

    What specific piece of software is reporting the "clickjacking"?

  3. MyrddinDE
    Member
    Posted 3 years ago #

    Thanks, for the quick response.

    Here is the message I get:
    http://www.darrensaines.no/wp-content/uploads/addtoany_clickjacking.png

    It is probably noscript firefox plugin that does that. On my own site I do not get this error (for example: http://www.myrddin.de/patch-4-1-fire-nova-preview/).

    This is the code I have used:

    <?php if (!is_feed() && !is_home()) {
    echo '<div class="a2a_kit addtoany_list">';
    if( function_exists('ADDTOANY_SHARE_SAVE_ICONS') ) { ADDTOANY_SHARE_SAVE_ICONS(); }
    echo '</div>';
    } ?>

    Hope that helps

    Michael

  4. MyrddinDE
    Member
    Posted 3 years ago #

    I forgot to mention, that I wasn't implying that addtoany was trying to clickjack. Rather I'd like seek help so that error won't happen to third parties and any advice would be appreciated. Maybe it is something too obvious I am overlooking :D

    I changed the DNS of that site today, since it was moved to another server and I was using my windows host entry to acces the new site ... wonder if that had something to do with it.

    Was also wondering why there were no counters for the amount of likes/tweets for the page or if that was a featuer coming in future versions,

    Thanks

  5. MyrddinDE
    Member
    Posted 3 years ago #

    After a lot more research I did not come up with a proper solution, so I decided to insert the Facebook/Twitter social bookmarks manual.
    The clickjacking warning stayed and I was totally clueless what might be the root of the problem.
    I checke various sites and they all used the same code, etc ...

    But in the end ... I found out that the only thing I could not see on other sites is the %"$%!&%-admin bar at the top :D

    Disabling the admin bar instantly removed the clickjacking issues.

    As mentioned above, it is usually something too obvious that gets into my way.

    Hope this helps someone

    Michael

  6. micropat
    Member
    Plugin Author

    Posted 3 years ago #

    This sounds like more of an issue with some bad software on your computer if both AddToAny and the WordPress admin bar were initiating this false positive warning.

    Did you ever find out which piece of software on your computer was giving the warning? Did you try other browsers or computers with both AddToAny and the WordPress admin bar enabled?

  7. MyrddinDE
    Member
    Posted 3 years ago #

    Actually the error has been linked, the software has been mentioned above already. NoScript is in no way a "bad" software and is even recommended to use by cert. https://addons.mozilla.org/en-US/firefox/addon/noscript/
    The tool shows a warning that the program stopped a ui-readressing which was caused by mouse/keyboard interaction with a partly hidden object. I sent a report to the author, so maybe we will see it fixed at some point.

    As mentioned above I was sure it was nothing AddTAany related issue, since I also tried the original facebook/twitter iframe and it caused the warning aswell.

    Don't know how it works exactly, just happy to know that outside people will not get an error message and disabling the admin bar (don't use it anyhow) made the issue disaapear.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags