Building Experiments for a Logged In State
I'm trying to change a page that I can only see once I've logged in to the application. In fact it's part of the sign up process.
Unfortunately the visual editor doesn't allow me to login. It doesn't seem to allow me to login.
Our system uses Ruby on Rails, is this a common issue?
Essentially, you have to visit your site, login, and navigate to the page you wish to edit. Then, copy the URL and enter it into the editor. The browser needs the session specific information in order to load the page in the correct state. NOTE: The Optimizely snippet must be on the page correctly in order for this to work.
Let us know if this does the trick for you. If not, can you please post the URL?
Hi @Amanda - I'm having a similar issue. I'm trying to load our "subscription" page in the editor. It's the page that comes right after the user signs up in our registration flow.
I followed the steps outlined in the article you recommended, but to no avail. When I load the page in the Optimizely editor, I'm getting redireted to our Login Page with an our error message stating that the user needs to be logged in to view that page. Attached is a screenshot of the editor, within the screenshot is the URL I'm trying to access.
For editor loading-related topics, there are a few additional things you can do to have your site load correctly into the visual editor.
1. Append `&optimizely_disable_proxy=true` to the Optimizely visual editor URL. This will try to force the Optimizely editor to load your page via HTTP or HTTPS. An example URL would look like:
2. Whitelist the Optimizely domains `.optimizely.com` and .optimizelyedit.com`. It's important to note the leading period in both instances. Additionally, contacting your web development team to whitelist these domains within your site's X-Frame-Options settings could be helpful as well. X-Frame-Options could be set to "SAME ORIGIN" meaning that your site cannot be iframe'd by another domain (.optimizely.com for example). When loading webpages into the visual editor, Optimizely loads it as an iframe which is why this setting would need to be adjusted.
Let us know how this works for you!
Manager, Technical Support
Doing both of these things hasn't solved my problem (see: http://cl.ly/image/3y1D2L0r3y2c).
I have set the X-Frame-Options header to 'ALLOW-FROM SAMEDOMAIN, https://optimizely.com, https://optimizelyedit.com, https://www.optimizely.com, https://www.optimizelyedit.com';, and I have added the optimizely_disable_proxy=true
The editor has managed to load a couple of times, but not consistently(most of the time it doesn't)
Any other advice?
I got this working on a post-login page. Chrome does not support X-Frame-Options ALLOW-FROM. If you implemented this, then Firefox should work, but I have not tested it.
It turns out that X-Frame-Options is depricated, and there is a better alternative to support most browsers. Remove the X-Frame-Options header and instead add a Content-Security-Policy header:
Content-Security-Policy: frame-ancestors 'self' *.optimizely.com *.optimizelyedit.com
To do this in rails, for example, you would do something similar to the following in your controller:
response.headers['Content-Security-Policy'] = \ "frame-ancestors 'self' *.optimizely.com *.optimizelyedit.com" response.headers.delete('X-Frame-Options')
Implementing this allowed me to load the post-login site in the optimizely editor using Chrome.