A checklist of steps to ensure your browser is configured to properly launch SiteSpect's Visual Editor
Visual Editor Checklist
SiteSpect’s visual editor is a powerful WYSIWYG tool to create changes to your company’s digital experience. In order to ensure the proper loading and use of the visual editor, we have compiled a checklist for you to avoid any issues.
- Confirm Preview works before launching VE
- Load the Site in HTTPS
- Accept 3rd party cookies
- Turn off browser extensions that could get in the way
- Allow for Mixed-Active-Content
- Browser Warnings for Self Signed SSL Certificate
- Removing Frame Busting
- Clear HSTS settings (clear reference to the domain you are working on)
- Confirm if your system(s) remove our X-Frame-Options header
Exit out of VE, launch a preview from the campaign builder and the preview bar loads without any errors. If you do see an error or browser warning follow the instructions in “Browser Warning for Self-Signed SSL Certificates”. Once a preview is established, go ahead and launch the Visual Editor paying attention to the other checklist suggestions listed below.
Load the Site in HTTPS
If your site is typically loaded in HTTPS you will want to verify that the preview URL the Visual Editor is using is also in HTTPS. Check that your Site and Campaign preview URL is in HTTPS.
Browser Warning for Self-Signed SSL Certificates
SSL certificates are what enable websites to move from HTTP to HTTPS, which is more secure. A “self-signed” certificate is one that you have created and was not signed by a certified authority. If this is the case, you may see a warning in your browser saying “Your Connection is Not Secure” with a button for “Back to Safety”. You do not need to worry about any security issue with SiteSpect’s Visual Editor. Simply click the link for advanced and add this as an exception or proceed to the destination.
Accept 3rd Party Cookies
Change your browser settings to accept 3rd party cookies or to stop blocking cookies
Turn off Browser Extensions
In rare cases you may have enabled a browser extension that is not compatible with SiteSpect’s Visual Editor. It's always good to disable browser extensions when first launching the Visual Editor or if you are experiencing a problem with it loading.
Allow for Mixed Active Content
Allow your browser to load insecure content. This is a safe action; you are only loading content from SiteSpect. Follow these steps:
Removing “Frame Busting” from your site
Frame Busting is a technique used by websites and web applications to prevent their web pages from being displayed within a frame. A frame is a subdivision of a Web browser window and can act like a smaller window. Frame Busting is usually used to prevent a website from being loaded from within a frame without permission or as an attack, as with clickjacking. SiteSpect’s Visual Editor is loading your site in a frame, so if there is Frame Busting on your site it first needs to be removed. The good news is that this removal can be done directly by SiteSpect using a customer Global Variation. Please contact your customer support representative to discuss setting one up.
Clear HSTS cache settings
HSTS stands for HTTP Strict Transport Security. It enables browsers to forge better connections via HTTPS and at the same time, limits HTTP connections that will inevitably be less secure. The implementation of HSTS can occasionally cause browser errors in certain cases. This is an issue that can easily be resolved through the effective clearing of HSTS settings on most major browsers.
Clear HSTS settings For Chrome
When there is an issue with your HSTS settings in Chrome, you will most often encounter an error message such as “Your connection is not private”. Within the advanced menu of this error message, there would likely be an explicit mention of HSTS settings. You can delete the HSTS cache from your Chrome browser by implementing the following steps:
- Open Google Chrome
- Search for chrome://net-internals/#hsts in your address bar.
- Locate the Query HSTS/PKP domain field and enter the domain name that you wish to delete HSTS settings for.
- Finally, enter the domain name in the Delete domain security policies and simply press the Delete button.
Clearing HSTS in Firefox
Whilst there are several methods for clearing or disabling HSTS in Firefox, the most straightforward approach is as follows:
- Start by closing any open windows.
- Next, open your browsing history by clicking Ctrl + Shift + H.
- Navigate your way to the site that your wish to clear the HSTS settings.
- Right click on the site and click on Forget About This Site. Be mindful that this will clear all data of the site that is currently in Firefox.
Confirm if your system(s) remove our X-Frame-Options header
Sometimes your systems or content delivery network (CDN) will remove our X-Frame-Options header that is required for the Visual Editor to function. If you think this could be the issue you are experiencing please reach out to firstname.lastname@example.org to assist in the investigation.
If this happens to be the issue there are two resolutions:
- Have your system/CDN not remove our X-Frame-Options header.
- 2. Use a browser extension called "Ignore X-Frame Headers" that will allow our VE to function for your machine once installed.