Welcome, Guest
Username: Password: Remember me
here you can submit any topics related ExtraWatch

TOPIC: Heatmap 403 Error

Heatmap 403 Error 1 year 10 months ago #458

Joomla 3.x (newest version), ExtraWatch Pro 2.3 from 04.11.14 (ExtraWatch 2.3.2221), Bootstrap 3.3 with JQuery 1.11.1

Everything works as exspected, except heatmap. the jdownloadurl.js generates a link that gets a 403 error whenever I click anywhere on any frontend-page:
so there are a lot of links like this with a 403 error:
subdomain.domain.de/?option=com_ajax&mod...522btn%252522%25255D

Backend: heatmap and clicks are showing no entries.

I tried without .htaccess and turned off admin tools, to be sure that I am not blocking anything through that, but that didnt help.

loading JS in frontend head:
/components/com_extrawatch/js/jdownloadurl.js
/components/com_extrawatch/js/extrawatch.js
/components/com_extrawatch/js/heatmap/heatmap.js
loading JS in frontend body (mod_agent):
/components/com_extrawatch/js/agent.js(+params)

com_ajax is installed through joomla and works.

mod_agent is published and works (with backend statistics)

I am not using any 404redirect-extensions.

Are there any more dependencies I need to check?
Are there any known compatibility issues?
Any ideas at all?
Thanks for your help!
Last Edit: 1 year 10 months ago by larst. Reason: more detailed data
The topic has been locked.

Heatmap 403 Error 1 year 10 months ago #460

Hi,
I am currently abroad and out of office for few days.
I'll get back to your issue as soon as I can ok? thank you
The topic has been locked.

Heatmap 403 Error 1 year 10 months ago #463

Yeah, that´s fine for me, thank you! I am trying to get more info in the meanwhile ;)
The topic has been locked.

Heatmap 403 Error 1 year 10 months ago #465

Problem solved:

The Web Application Firewall from Admin Tools Pro was blocking those links. It was still working, when I turned off the Admin Tools component, because it works via its own system plugin.

If you turn XSSShield OFF, heatmap works like a charm:

WAF->Active Request Filtering->Cross Site Scripting Shield (XSSShield)->NO

Thanks all and cya ;)
The topic has been locked.

Heatmap 403 Error 1 year 10 months ago #478

Thank you very much. It's strange that our extension causes this XSS Warnings, we have it in the list of things to check to prevent these false positives.
The topic has been locked.
Time to create page: 0.107 seconds
X

Drop us your message