问题
We had Login with LinkedIn code set up and working perfectly with LinkedIn Javascript SDK, where a few days ago we suddenly started to get this:
Blocked a frame with origin "https://platform.linkedin.com" from accessing a frame
with origin "https://OUR_SITE". Protocols, domains, and ports must match.
And login does not complete (it returns from LinkedIn to our page and waits forever). I have no idea why we started to get this error when everything was working perfectly (we haven't changed a single line of code about the login mechanism, or allow origin headers/files, or LinkedIn settings etc) but I decided to add platform.linkedin.com to allow origin header:
Access-Control-Allow-Origin: https://platform.linkedin.com
I can see the header sent in response correctly. However, I'm still getting the very same error.
Why did this start happening and how can we prevent this? I mean, I know Microsoft bought LinkedIn but come on, they can't break it that fast.
回答1:
Seems like it's broken forever.
I've ended up giving up on LinkedIn SDK completely, and using vanilla JS to open up a window, check for it's events, redirect back to my own domain (to be able to read window location and not hit into a browser sandbox) and read the token from there and use the token to manually do whatever I do.
I've never seen a company care less about their own developer platform, but again, at least, as a developer I can tell you that you can implement the "Login with LinkedIn" mechanism by hand.
来源:https://stackoverflow.com/questions/38093166/linkedin-login-blocked-a-frame-with-origin-https-platform-linkedin-com-from