Can't configure OBi1032...
drgeoff:
Would someone please explain?
1. Is the firmware in OBi devices producing web pages containing invalid html?
2. Is a recent version of Chrome browser not properly displaying valid html?
N7AS:
Quote from: drgeoff on July 28, 2015, 03:10:08 pm
Would someone please explain?
1. Is the firmware in OBi devices producing web pages containing invalid html?
2. Is a recent version of Chrome browser not properly displaying valid html?
I was thinking the same thing. We did have an update to the OBi1032 not too long ago. But nothing for the OBi2xx devices. I only noticed the problem when I wanted to add a speed dial a few days ago. So I doubt it's in the device firmware. It's most likely a Chrome problem as I can use Firefox to get into the local GUI.
SteveInWA:
It's not "invalid" HTML, per se. It's just that the latest versions of Chrome Browser have a problem displaying the code, the way it was originally written by Obihai.
If you look at the OBi configuration pages via the OBiTALK portal, you'll see a two-column left sidebar, that includes the pictures and Amazon links to the devices, and then the column of the various configuration settings. Rather than re-write that entire page every time a different configuration section is viewed or edited, the pages use an iframe to display a "page within a page". For example, if you click on the system status selection in the sidebar, you'll see the screen flash and then load the system status iframe on the right.
I don't feel like wading through the Chrome Browser changelog, but my guess is that the Chrome developers made some sort of subtle change to the iframe display code, that is causing it to fail to load the iframes being served to it by OBi. Often, these are security vulnerabilities that get patched (e.g. to avoid a malicious iframe being inserted). The other web browsers (IE and Firefox for example) may or may not also make this change in the future, depending on whether it's a security issue or not.
The web server (either the OBiTALK portal, or the device's built-in web server) needed an update to cope with this change. Obihai fixed their portal server code, but doing so on the devices means that the embedded web server in the devices' firmware needs to be patched.
If you are curious, you can load the portal page in Chrome, and right click on some area of the page, and then select "inspect element". A window displaying the page's HTML will appear, and you can click around the page to look at the code.
Does that make sense?
N7AS:
The thing that is strange is that Call History is displayed in the frame and nothing else.
SteveInWA:
Quote from: N7AS on July 28, 2015, 05:20:28 pm
The thing that is strange is that Call History is displayed in the frame and nothing else.
There is nothing strange about that. I've explained why the problem exists. It's possible that there are some frames that can be rendered correctly, while others can't. Notice that the call history page is in a different format from the settings pages. It's a moot point. Whenever Obihai gets around to patching the embedded web server code via a firmware update, the problem will get fixed. In the meantime, either use a non-Chrome browser to view the pages, or use the portal.
HTML is an evolving standard, and two things are as certain as the sun rising every day: new standards and best practices will emerge that involve changes to web server code, and new security vulnerabilities will be discovered that need to be patched. You can Google "iframe vulnerability" to understand how this helpful part of HTML introduced some security exposures that need to be addressed from time to time, and how evolving HTML standards (e.g. HTML5, CSS) emerge that offer new ways to display content. You can't expect the little embedded web server in your various connected gizmos to continue to work properly without periodic updates.
** extra credit: when iframes were first used, a major concern was that an attacker could inject a fake iframe inside a legitimate website, to steal your private information. For example, you might have been on a banking or shopping website, but a vulnerability allowed some other (bad actor) web server to insert an iframe that looked like a form for you to fill in, thus tricking you into giving them your private data.
Navigation
[0] Message Index
[#] Next page
[*] Previous page