Skip to main content
M
MR_109351587-Bedrock
7-Bedrock
June 20, 2024
Solved

ThingWorx 9.5.2 does not show Design Preview for Mashups

  • June 20, 2024
  • 1 reply
  • 1429 views

We recently stood up a new ThingWorx 9.5.2 server and migrated our data from ThingWorx 9.3.  When we select a Mashup and then Design the Preview does not load.  We get a grey screen with a message that <servername> refused to connect.  We do not see this issue in 9.3.

Best answer by MR_10935158

We figured out the issue.  It was related to having “EnableContentSecurityPolicyFilter” set to true in the platform-settings.json file and not having the following lines uncommented in the the web.xml file under Thingworx/WEB-INF.  We checked our ThingWorx 9.3 instance and those lines were uncommented, so we are not sure if this setting is commented out on new 9.5.2 installs or at some point we uncommented the lines on our 9.3 instance.

 

  <filter>

    <filter-name>ClickjackFilterAllowList</filter-name>

    <filter-class>com.thingworx.security.filter.ClickjackFilter</filter-class>

    <init-param>

      <param-name>mode</param-name>

      <param-value>ALLOWLIST</param-value>

    </init-param>

    <init-param>

      <param-name>domains</param-name>

      <param-value>http://example.com</param-value>

    </init-param>

  </filter>

 

 

1 reply

Rocko
Rocko19-Tanzanite
19-Tanzanite
June 24, 2024

What does the browser console say (F12)?

M
MR_109351587-BedrockAuthor
7-Bedrock
June 24, 2024

I receive "refused to display <URL> in a frame because it set 'X-Frame-Options' to 'deny'.  I'm able to see the mashup if I select "View Mashup" and also if I Edit the mashup then the Design tab works.  It only appears to be an issue when I select the Design tab not in Edit mode.

M
MR_109351587-BedrockAuthorAnswer
7-Bedrock
June 27, 2024

We figured out the issue.  It was related to having “EnableContentSecurityPolicyFilter” set to true in the platform-settings.json file and not having the following lines uncommented in the the web.xml file under Thingworx/WEB-INF.  We checked our ThingWorx 9.3 instance and those lines were uncommented, so we are not sure if this setting is commented out on new 9.5.2 installs or at some point we uncommented the lines on our 9.3 instance.

 

  <filter>

    <filter-name>ClickjackFilterAllowList</filter-name>

    <filter-class>com.thingworx.security.filter.ClickjackFilter</filter-class>

    <init-param>

      <param-name>mode</param-name>

      <param-value>ALLOWLIST</param-value>

    </init-param>

    <init-param>

      <param-name>domains</param-name>

      <param-value>http://example.com</param-value>

    </init-param>

  </filter>

 

 

    Terms & ConditionsCookie settingsAccessibility statement