Custom Preview Widgets - "drag the dark cloud on to the white cloud"
AnsweredHi - I just noticed that something about Box seems to have changed overnight.
I've been using custom previews which are 330 x 150 for some years now, which used to be fine - but now they're rendered in a way which involves asking users to drag an absurdly tiny dark cloud into a white one (as attached) which is both impractical and ugly.
Is this a temporary glitch or is this something Box is going to continue to do? It's going to be a lot of work to go back and have to correct the size of absolutely all the preview boxes (plus making them larger is not going to work well with the design I have).
-
For myself and one of my instructors all box links embedded in our canvas courses we’re forcing repeated security authentication like this suddenly. This must be an issue on Box’s side because this was not the case previously. For a temporary solution Canvas directed us to clear browser cache (we were using chrome) which worked.
-
So I understand why this is done but please can we choose to disable it in certain instances? as Hannon,Michael says we use this a lot for Canvas embedding and it is a barrier to Students clicking into items. For example in a Canvas Announcement we use Box embed widget to display the PDF allow the URLS embedded within that PDF to be clickable. Very low stakes and the Student has already logged into Canvas to be able to get to the announcement so they are sure what we are posting is safe.
I short can you turn on the ability to TURN off the "Drag the Cloud" game .
"How does Box prevent clickjacking?
To guard against clickjacking attacks, Box employs preventative measures in our embed widget as well as an X-Frame-Options header.
Our embed widget uses an interactive "Drag the Cloud" game in which a white cloud puzzle piece, randomly placed on the page, needs to be plugged into a cloud-shaped "hole" in the page, also randomly placed on the page. Because both of the objects are randomly placed on the page, the user's click locations cannot be predicted easily by attackers, making a clickjacking attack less effective and an attempt to use clickjacking measures less worthwhile. This randomized interaction is the most effective method of preventing clickjacking attempts available for embedded content. Users can feel secure that they are interacting with the correct site if they are able to click and drag the cloud into the correct place."
-
Hi Dave,
Welcome to Box Community and glad to help!
While I'm reaching out to our specialists regarding this error, can you please try these troubleshooting steps?
- Make sure your browser's up to date.
- Clear your browser's cache and cookies, here are the steps.
- Try another browser, network connection and/or machine.
- Check if your firewall is configured.
- Disable any plugins/add-ons/extensions.
Let us know how it goes,
Please sign in to leave a comment.
Comments
8 comments