Yes, the Glitch link is fixed.
I believe I’ve discovered the problem – our client.js was imported from http://trello.com/1/client.js instead of https://trello.com/1/client.js (i.e. http instead of https in the script src)! For whatever the reason, that made the script import and the popup to work fine all the way until it needs to send a success signal and close itself.
When I add the ‘s’, it seems to work fine from what I’ve seen so far, though I’ve just checked that the success callback is triggered and that there is a token set. So far so good - I’ll keep you posted if something goes wrong.
This can’t be reproduced on Glitch because it immediately blocks the script from loading from non-https.
Thanks a lot for your help, and sorry for taking your time.
I submit a new ticket on that forum to tell them that the 2 client.js links are no longer working, and my post was marked as SPAM “by the community” !!! What? Submitting a bug is a spam?
Can you give me more details on where you submitted a ticket about client.js links? Not seeing anything in this forum that involved a post by you getting marked as spam.
Also, can yo re-submit your bug here? Where are the bad client.js links?
The client.js docs (client.js Reference) link to the following two resource that appear to be working:
I have the same problem. The piece of script with window.opener.postMessage... is missing in the opening popup’s source and no message is sent back to the opener (my app).
@BentleyCook , the Glitch demo isn’t working. When I preview it in a separate window, click “Authorize”, a popup opens with the message:
Invalid return_url. The return URL should match the application’s allowed origins. Contact the developer.
It’s been awhile since I’ve looked at this. But this message leads me to suspect that you need to update your API key’s allowed origins to include where ever your app is hosted.
I no longer have access to the API key used in the Glitch project, so am unable to update that key’s allowed origins to include Glitch’s domain…
Hey