This is the technical support forum for WPML - the multilingual WordPress plugin.

Everyone can read, but only WPML clients can post here. WPML team is replying on the forum 6 days per week, 22 hours per day.

Tagged: 

This topic contains 4 replies, has 2 voices.

Last updated by Radu 3 weeks, 6 days ago.

Assigned support staff: Radu.

Author Posts
September 18, 2019 at 11:50 am #4596007

maxL-15

In the url bar, there is this weird SSO iframe token from WPML? 5 customers have it. It is not the normal domaindata url when switching language. What is this and where does it come from?

September 18, 2019 at 11:51 am #4596033

maxL-15

More screenshots.

September 19, 2019 at 7:10 am #4601857

Radu
Supporter

Languages: English (English )

Timezone: Europe/Bucharest (GMT+03:00)

Hey Max,

As I understand from your message (and from the debug information that you attached), you are using the Auto sign-in and sign-out users from all domains on your website. Now, is there any chance that you could attach a link to the page where you see all these iframes, please? I just want to have a look at them and see if they should be there or not.

Thanks,
Radu

September 19, 2019 at 7:20 am #4601883

maxL-15

I am not able to force it as I don't know where the customers are clicking on. I had hoped you know where is comes from if you saw the link. What I do know, is that it has not something to do with the Auto Sign in because that shows this link: hidden link

Same for the others. xdomain_data= instead of WPML_SSO_TOKEN.

September 23, 2019 at 11:20 am #4622931

Radu
Supporter

Languages: English (English )

Timezone: Europe/Bucharest (GMT+03:00)

Hey Max,

The xdomain_data part is used by our plugin to synchronize session data between languages in different domains. You can have a look at this article for some more details: https://wpml.org/documentation/getting-started-guide/language-setup/passing-session-data-between-languages-in-domains/#how-wpml-synchronizes-session-data-between-languages-in-different-domains). As you can see, this is will not cause any issues on your website.

Regarding the wpml_sso_token or wpml_sso_iframe_hash part, I tried a couple times to log in and out, change the language of the website, but I wasn't able to see this issue. Can you tell me if you managed to replicate it or maybe get some more info from the users that send you the screenshot, please?

I just want to be able to replicate it on my side so I can pass it to my colleagues and look for what's causing it. The only thing related that I could find is this errata https://wpml.org/errata/single-sign-on-feature-not-working-due-to-setting-the-x-frame-options-to-sameorigin/. However, I couldn't see this error on your website so I don't think that it applies to you.

Thanks,
Radu

The topic ‘[Closed] Weird iframe token’ is closed to new replies.