This topic contains 3 replies, has 4 voices, and was last updated by  fleblanc 1 week, 4 days ago.

  • Author
    Posts
  • Participant
    likwid
    Newbie
    Member since: 23.11.2017
    Number of posts: 7

    Hi there,

    We are loading our documents in an iframe and are encountering errors with client browsers that have Third-Party Cookies disabled. Here is a sample of the error that is shown in the browser console:

    Refused to display ‘https://sandbox.e-signlive.ca/login?destination=/packages/ID-REMOVED=/sign’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’.

    Is there anything we can do to get around this issue? This will be a big road block for us if we need to tell every user to manually update their browser settings and turn that setting off.

    Keymaster
    Haris
    Jedi Master
    Member since: 05.11.2015
    Number of posts: 1450

    Score

    0

    Hi likwid,

    Unfortunately, third-party cookies must be enabled in order for the signing ceremony to load. That’s how it currently works. This, however, will no longer be an issue when the new signing ceremony rolls out later this year. What I can suggest is to test if your users have third-party cookies enabled (https://stackoverflow.com/questions/3550790/check-if-third-party-cookies-are-enabled) and display the proper error message if they are disabled.


    Haris Haidary
    OneSpan Technical Consultant
    Participant
    doxsees
    Newbie
    Member since: 31.05.2018
    Number of posts: 1

    Score

    0

    Any update on this issue? Will the new signing ceremony require re-implementing our esign flows or will it be backwards-compatible with the existing sdk? How will we be notified when the new signing ceremony is available? Thanks

    Participant
    fleblanc
    Newbie
    Member since: 18.01.2016
    Number of posts: 7

    Score

    0

    There was a solution to this problem that was posted here: https://developer.esignlive.com/forums/topic/cookie-issues-on-safari/
    Essentially the key is to navigate to a “loading” page (on the same domain as your OneSpan Sign instance) in order to make the user’s browser create the required cookie. The details of this approach can be found in the article referenced above.

    The next version of the signing ceremony will not be cookie-less (there were discussions earlier in the year that it might be) so it will not solve this issue. However to answer your question, the new signing experience will not require changes in your integration. Signers will automatically see the new signing experience for new transactions unless your account is configured to disallow it.

    Don’t hesitate to post any clarifying questions you might have here.

You must be logged in to reply to this topic.