-
Closed
-
Hello, just as title say – Customizer not showing previews on live site and can’t be loaded on staging one
After updating from free Evolve theme 4.0.2 to Evolve plus 2.9.6 live customizer stopped working properly. It does not show clickable buttons used to edit element and also does not show live preview change after changing at least some options (for example disabling search does not initiate live preview update, changing the header style also does not initiate preview to show new choice). However, choosing some other color style of the site it does load preview and shows site in update colors. Switching back to 4.0.2 version customizer works correctly.
Another issue is that customizer does not load on staging site (cloned original, developing version).
Running WP 5.1.1, theme Evolve plus 2.9.6
screenshots : https://imgur.com/a/esRaFQl
Hi Digicon, can you please provide WP login to the website in Private reply? I will have a look. Thanks
Checked the website. In the console I see 403 error http://prntscr.com/nnh1qb which makes the issue in the customizer. First I would recommend to disable plugins – one by one to see if there is no conflict. Then can continue to test it.
Disabling plugins did not correct things. Furthermore I have used console trying to discover the issue (by the way, for the first time doing this as most of the scripting/coding things are like Chinese to me). As mentioned above changing color style preview work and what’s even more strange is that it also activates preview for the elements which I did change previously but it did not activated preview. As a result when preview was loaded I have different color style plus I now see removed search box and also see edit buttons of each element that can be edited. Console showed me some interesting data (screenshot link at the bottom of the message).
I have done googling a bit about the marked lines and come to some explanation. I believe issue is in there but I don’t have any idea how or where or what to do/edit in order to make any change /fix the issue. I believe that you are far more familiar with the content.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors
Also, I have noticed that first thing you have tried was disabling security plugin which could block some requests, scripts or whatever which was my only idea 🙁
p.s. Sorry for bothering you over the weekend (shy).
Can you please confirm this issue is on other website/server? Do you have a chance to test it?
No, I do not own/have have any other website/server so I can’t try that.
By the way, I don’t want to play smart as it’s not my “home field” but yours so, by having in mind the errors code shown in console (from the screenshot above) I would like to ask a thing.
How it is possible that customizer some options loads following the “x-frame-options” not having that “frame-ancestors” directive while for some other options it does ignores “x-frame-options” because “frame-ancestors” directive is present and those ones (preview) works even activating previous changes ? Is it possible that those “frame-ancestors” directive is missed at some options/parts/elements when codding as it is obviously from the screenshot when the customizer (preview) works and what is causing it to not work (by my guess – missing the frame-ancestors directive).
Is there any chance that the issue is somewhere there ?
It’s hard to determine the issue as I don’t see this issue on all of my environments. Tested on localhost with PHP 5.2, live server with PHP 7.
I don’t see how else I can be of help. I have tried to use customizer in Chrome but it acts the same.
Furthermore, I have searched for “frame-ancestor” and anything similar in the code/files but without much luck (as said coding is not my skill so that was expected to end up like that).
Not sure if you have seen that my website is running on Apache server with PHP version 5.6.40. I don’t have any idea if PHP version can be related with the issue in any way.
As far as I understand looks like missing of the “frame-ancestors” directive for some elements is causing the issue. I was doing some google search believing I am going into right direction. Unfortunately I don’t have any idea how can I try anything of that neither I am sure if I am able to do that at all…
Some useful links that you should be able to understand way more better than I can:
https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/invalid-content-security-policy-csp-directive-identified-in-meta-elements/
https://dev.to/mattferderer/what-is-csp-why–how-to-add-it-to-your-website-28df
https://stackoverflow.com/questions/52505525/content-security-policy-directive-frame-ancestors-missing-but-there
The topic Customizer not showing previews on live site & can't be loaded on staging one is closed to new replies