Embedded Mortgage Calculators (worked for a year, now forbidden?)

BenSalami · September 22, 2023, 4:37am

Our embedded mortgage calculators used to work for almost a year, but recently the code snippet shows “forbidden”

Seems that WIX changed something recently and blocks this.

The test site is here: https://dmitry240.wixsite.com/dmitry-mortgages
You can see the errors in the console.

DOMException: Blocked a frame with origin "https://dmitry240-wixsite-com.filesusr.com" from accessing a cross-origin frame.
    at S (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:901)
    at eg (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:10298)
    at eg (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:10209)
    at ey (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:11113)
    at https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:136:395
    at eg (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:10405)
    at e.generateAndInjectStyles (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:7470)
    at https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:13282
    at M (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:13708)
    at ix (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:12:59036)
ai @ calculators.js:12
calculators.js:12 Uncaught DOMException: Blocked a frame with origin "https://dmitry240-wixsite-com.filesusr.com" from accessing a cross-origin frame.
    at S (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:901)
    at eg (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:10298)
    at eg (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:10209)
    at ey (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:11113)
    at https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:136:395
    at eg (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:10405)
    at e.generateAndInjectStyles (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:7470)
    at https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:13282
    at M (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:39:13708)
    at ix (https://bendigi-web.s3.ca-central-1.amazonaws.com/test/calculators.js:12:59036)

The source is a reputable company providing mortgage calculators for mortgage broker websites.

How can we fix this?
Was there a recent change on WIX to disallow third-party scripts?

onemoretime · September 22, 2023, 5:13am

Although I don’t know the specific cause at the moment, there is one thing I can say: It’s not better to expose the specific value of an API key on a site that anyone can access. There’s a risk of the API key being stolen.

If achieving this within an HTML Component (constrained iframe) is not possible, you might consider using custom elements to attempt the same thing.

BenSalami · September 22, 2023, 4:29pm

The API key is just a sample, but I will replace the picture too. Thank you for pointing it out.

BenSalami · September 25, 2023, 2:44pm

Can someone from WIX please comment here? We are actively looking for a way for WIX to unblock this, but there are no docs. @Support_Team

Thank you in advance.

Ashleigh_Holtman · September 26, 2023, 8:41pm

Hi there,

As a Canadian Mortgage Agent, having third party calculators such as the Canadian Mortgage App calculators on my website are imperative to my success as an agent. Not being able to supply my clients with easy to access and up to date calculators will be a detriment to my business. I also am aware that I am not the only agent that this affects as the majority of the agents I know are using WIX as a website platform and are being impacted in the same way.

BenSalami · September 27, 2023, 3:28am

Hi Ashleigh, thank you for your comment and your support of CMA. We may have a lead to a solution and we will not stop until we resolve it.

anthony · September 27, 2023, 7:50pm

I don’t see any console errors and the calculator is loading fine for me. Perhaps a transient issue or a browser plugin causing the problem?

Topic		Replies	Views
Put javascript in website Ask the community code , question	10	336	April 8, 2021
HTML code works but not embedded Javascript - from Formsite Ask the community code , question	2	602	April 18, 2018
Wix is sandboxing Custom Element and iframe extensions Ask the community code , question	3	163	November 29, 2024
Refused to frame because an ancestor violates the following Content Security Policy directive Ask the community code , question	4	1496	June 12, 2020
Wix PAY API/START Pay Not as a Pop-Up, is this possible? Ask the community code , question	14	261	October 14, 2021

Embedded Mortgage Calculators (worked for a year, now forbidden?)

Related topics