Skip to Main Content
Forums

APEX

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Modify page template 'blocked' by Chrome XSS auditor

Scott WesleyMar 6 2019 — edited Mar 6 2019

It's been a while since I needed to modify a page template (4000:4307), but it seems now in Chrome 72 if we try, we get the following error on /wwv_flow.accept

This page isn’t working Chrome detected unusual code on this page and blocked it to protect your personal information (for example, passwords, phone numbers, and credit cards).

Try visiting the site's homepage.

ERR_BLOCKED_BY_XSS_AUDITOR

pastedImage_0.png

If I refresh the page, I receive this

Current version of data in database has changed since user initiated update process.

Contact your application administrator.

pastedImage_3.png

Which means that if I just press back, I also see the changes. So the save works, it just displays an error on the page branch.

Firefox 65 does not complain.

It seems maybe there's something that can be done on the APEX engine end (adding X-XSS-Protection:0), as well as the front - but I'm not sure I want to disable the front.

https://www.itsupportguides.com/knowledge-base/google-chrome/google-chrome-how-to-bypass-err_blocked_by_xss_auditor/

This happens on APEX 5.1 & 18.2.
Comments
Post Details
Added on Mar 6 2019
#apex, #apex-discussions, #template
0 comments
323 views