We had Login with LinkedIn code set up and working perfectly with LinkedIn Javascript SDK, where a few days ago we suddenly started to get this:
Blocked a frame with origin "https://platform.linkedin.com" from accessing a frame
with origin "https://OUR_SITE". Protocols, domains, and ports must match.
And login does not complete (it returns from LinkedIn to our page and waits forever). I have no idea why we started to get this error when everything was working perfectly (we haven't changed a single line of code about the login mechanism, or allow origin headers/files, or LinkedIn settings etc) but I decided to add platform.linkedin.com to allow origin header:
Access-Control-Allow-Origin: https://platform.linkedin.com
I can see the header sent in response correctly. However, I'm still getting the very same error.
Why did this start happening and how can we prevent this? I mean, I know Microsoft bought LinkedIn but come on, they can't break it that fast.
Seems like it's broken forever.
I've ended up giving up on LinkedIn SDK completely, and using vanilla JS to open up a window, check for it's events, redirect back to my own domain (to be able to read window location and not hit into a browser sandbox) and read the token from there and use the token to manually do whatever I do.
I've never seen a company care less about their own developer platform, but again, at least, as a developer I can tell you that you can implement the "Login with LinkedIn" mechanism by hand.