Issue with Creatio Landing Pages For Chrome 85 and Safari 14 (Plus a Workaround)

If you use Creatio landing pages, be aware of an issue that affects website visitors using Chrome 85 or Safari 14. In the recent update of Chrome 85 and Safari 14, the default referrer policy changed to strict-origin-when-cross-origin. You can see more about this change from the Chrome team here.

The issue that this causes for Creatio is that when a landing page is submitted, the CheckExternalURLContainsRequest method in the GeneratedWebFormValidator source code schema fails when checking to see if the referrer of the request matches the domain defined for the landing page. Meaning, when you submit a landing page, it checks to see if the request came from the page defined for the landing page in the “Website domains” by checking the request referrer. If the url the request came from doesn’t match the url in the “website domains” for the landing page, it rejects it. However, it still returns a HTTP status of 200, as if it were a valid request, but the response comes back as:

{"SaveWebFormObjectDataResult":"{exceptionType:\"\",resultMessage:\"Not allowed request URL.\",resultCode:-1}"}

So, basically, the form is submitted, but nothing happens. No error is seen, and also no data is added in Creatio.

The reason why this is happening, due to the new default referrer policy, is that because the request is being submitted to a different domain than what the website is where the landing page is hosted, the referrer is changed from something like this:

https://mywebsite.com/somepath/somepage/

to this, where only the root domain, known as the “origin”, is sent as the referrer:

https://mywebsite.com

This means that the referrer check done by Creatio will fail and the form data will be rejected. The worst part is, unless some website visitor tells you they click submit and nothing happens (if they even notice), you’ll never know that your landing pages aren’t working.

 

The Workaround

I’ve been told by Creatio developers that this issue will be fixed in the next epic, assuming that they’ll include the header Referrer-Policy "no-referrer-when-downgrade". However, for now, you can simply add the base domain to the list of “website domains” for all of your landing pages, then it will work for both the full url where the landing page is hosted (for cases where the user is using a browser like Edge or Firefox), as well as just the domain (for cases where the user is using Chrome or Safari). Meaning, add the following to the website domains for the landing page:

https://mywebsite.com/somepath/somepage/, https://mywebsite.com

Now it will work in both cases.

Want content like this delivered to your inbox? Sign up for our newsletter!
ABOUT THE AUTHOR

Ryan Farley

Ryan Farley is the Director of Development for Customer FX and creator of slxdeveloper.com. He's been blogging regularly about SalesLogix, now Infor CRM, since 2001 and believes in sharing with the community. His new passion for CRM is Creatio, formerly bpm'online. He loves C#, Javascript, web development, open source, and Linux. He also loves his hobby as an amateur filmmaker.

Submit a Comment

Your email address will not be published. Required fields are marked *