Builder.registerComponent "SecurityError: The operation is insecure." on Firefox

Armand · June 21, 2021, 5:31am

Hello,

We are trying to integrate Builder.io in an existing application and we are having an issue with Builder.RegisterComponent.

We registered a component that has click events. When the user click on the component action button, they are supposed to be redirected to a new page.

This work as expected in Google Chrome but Firefox (89) gives us a DomException: “this operation is insecure”.

We tried to find out what could cause the issue but haven’t had luck so far.

We tried to replicate the issue locally but then the issue doesn’t happen.

Step to reproduce:

Create a component that pushes to the history object, then register it using Builder.registerComponent:

import {withRouter} from "react-router"
import {Builder} from "@builder.io/react"

function MyLink({ history }) {
const handleClick = () => history.push("/page")

return <button onClick={handleClick}>nav</button>
}

const Link = withRouter(MyLink);

Builder.RegisterComponent(Link, {name: "link"});

Then inside Builder.io, use this component in one page or section, publish the change and try clicking on the button.

More Information:

The application is served by an express server, we already allowed *.builder.io in the CSP headers.

The issue only happens in Firefox (tested with 89) so far. On linux and Windows.

The only error we manage to retrieve is : **Error: SecurityError: The operation is insecure.
**

Thank you if you can help with this issue.

kara · July 23, 2021, 7:39pm

@Armand we followed those steps on our side and were not able to reproduce. Any additional details of your setup would help us investigate!

Armand · July 26, 2021, 8:37am

Hello Kara,

My apologies, it took me a while to fix this issue but then I forgot to update this post

The issue was that my website was behind htpasswd basic authentication. The main link I had for testing was https://user:pass@mywebsite.com. Which I didn’t notice at first and it was displayed as https://mywebsite.com in the browser URL. This caused the security exception.

When testing on other browsers, I did type the url https://mywebsite.com by hand, without the user:pass, thus not getting the error.

Edit: the solution was to remove the user:pass@ from the URL and then I’m able to click on links without having security exceptions.

Thank you for your help and sorry for the late reply.

Topic		Replies	Views
Having trouble accessing the builder page General visual-editor , react	7	553	November 13, 2020
We are having trouble connecting to your site Visual Editor Help	19	317	September 18, 2023
Trying to open a local page in Visual Editor but can't authenticate Technical Questions visual-editor	1	268	August 24, 2023
I can't authenticate in my project and add content Visual Editor Help visual-editor , react	0	249	May 15, 2023
The localhost:3000 server stops upon refreshing a new page in Builder or localhost:3000 CMS visual-editor , nextjs	18	1955	December 6, 2023

Builder.registerComponent "SecurityError: The operation is insecure." on Firefox

Related Topics