1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.5 Avatar Issue

Discussion in 'Troubleshooting and Problems' started by SneakyDave, May 3, 2016.

  1. SneakyDave

    SneakyDave Well-Known Member

    hmmm... This has me stumped

    Changing an avatar results in the ajax request not completing, and not displaying the updated avatar, but a page refresh shows that the avatar has been updated.

    Permissions on the data/avatars directory is world writable.
    Doesn't matter if caching is on or not, same thing happens.
    Doesn't matter if I use Image Magick, or GD Image Library.
    Attachments work fine.
    Doesn't matter which style I use.
    Doesn't matter which Jquery location I get it from.
    Network tools tells me that "avatar-upload" "failed to load response data". Not sure if that's normal, or the problem.

    What to look for? I'm almost positive it's got to be something simple.
  2. Brogan

    Brogan XenForo Moderator Staff Member

    Presumably this happens with multiple browsers?

    Can you also confirm it occurs in a vanilla style with add-ons disabled?
  3. SneakyDave

    SneakyDave Well-Known Member

    Happens in Chrome, IE, and FF. Doesn't matter if addons are disabled or not. Can be reproduced with stock XenForo style.

    The version is 1.5.3. Maybe I shold renew the license, and upgrade, just to rule out an old bug?
  4. SneakyDave

    SneakyDave Well-Known Member

    I lied, it doesn't happen in IE, just FireFox, and Chrome.
  5. Chris D

    Chris D XenForo Developer Staff Member

    Just registered to be nosey. There seems to be some clues in the console:

     Multiple 'X-Frame-Options' headers with conflicting values ('SAMEORIGIN, DENY') encountered when loading 'https://site/account/avatar-upload'. Falling back to 'DENY'.
    Refused to display 'https://site/account/avatar-upload' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN, DENY'.
    Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement': Sandbox access violation: Blocked a frame at "https://site" from accessing a frame at "null".  The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.
    Based on this, and based on noticing that you may be running nginx and pagespeed, I would first of all see if pagespeed is responsible, failing that, this thread may well give a clue:

    SneakyDave likes this.
  6. SneakyDave

    SneakyDave Well-Known Member

    Thanks Chris, I'll report back.
  7. SneakyDave

    SneakyDave Well-Known Member

    It wasn't pagespeed, but it was related to the @rainmotorsports HTTP Strict Transport setting.

    I disabled this param in nginx, and it works fine now. Thanks again.

      #add_header X-Frame-Options DENY;
    Chris D likes this.
  8. rainmotorsports

    rainmotorsports Well-Known Member

    Did I post my nginx config somewhere? Lol.

Share This Page