javascriptlinkedin-apilinkedin-jsapi

LinkedIn Login: Blocked a frame with origin "https://platform.linkedin.com" from accessing a frame with origin


We had Login with LinkedIn code set up and working perfectly with LinkedIn Javascript SDK, where a few days ago we suddenly started to get this:

Blocked a frame with origin "https://platform.linkedin.com" from accessing a frame
with origin "https://OUR_SITE". Protocols, domains, and ports must match.

And login does not complete (it returns from LinkedIn to our page and waits forever). I have no idea why we started to get this error when everything was working perfectly (we haven't changed a single line of code about the login mechanism, or allow origin headers/files, or LinkedIn settings etc) but I decided to add platform.linkedin.com to allow origin header:

Access-Control-Allow-Origin: https://platform.linkedin.com

I can see the header sent in response correctly. However, I'm still getting the very same error.

Why did this start happening and how can we prevent this? I mean, I know Microsoft bought LinkedIn but come on, they can't break it that fast.


Solution

  • Seems like it's broken forever.

    I've ended up giving up on LinkedIn SDK completely, and using vanilla JS to open up a window, check for it's events, redirect back to my own domain (to be able to read window location and not hit into a browser sandbox) and read the token from there and use the token to manually do whatever I do.

    I've never seen a company care less about their own developer platform, but again, at least, as a developer I can tell you that you can implement the "Login with LinkedIn" mechanism by hand.