Skip to main content
arrow-left Back to Docusign.com
Solved

Embedded signing with focused view not redirecting after signing

  • February 28, 2024
  • 6 replies
  • 1209 views
V
Newcomer
Forum|alt.badge.img+2

I am using the Docusign SDK in a .Net web application.  I am creating an envelope and then sending the client a URL.  With this URL it opens a page that uses the envelopeid to generate the signing URL and then using Docusign JS to display within the page.   Everything is working except for the returnURL.  Once signing is completed it just displays a blank page.  The browser is returning this error in the console.

Refused to frame 'https://localhost:44377/' because it violates the following Content Security Policy directive: "frame-src 'self' https://docucdn-a.akamaihd.net/ https://apps-d.docusign.com https://demo.docusign.net https://account-d.docusign.com https://proof-d.docusign.net https://identity-d.docusign.net https://content.googleapis.com https://docs.google.com https://players.brightcove.net https://www.youtube.com https://accounts.google.com https://docusign.sjv.io https://docusign.co1.qualtrics.com/ https://apps.usw2.pure.cloud".

I am assigning the FrameAncestors and Message Origins.  Not sure what I am missing here. 

Ancestors.Add("https://localhost:44377")
 Ancestors.Add("https://apps-d.docusign.com")
Origins.Add("https://apps-d.docusign.com")

Best answer by Byungjae.Chung

By design, the focused view allows the customer to do whatever they need to do on the page by using the event handlers. That is, even though you get the CSP error, you can redirect the page by adding the line "window.top.location.href" under "sessionEnd" event handler like the below:

signing.on('sessionEnd', (event) => {
 console.log('sessionend', event);
 window.top.location.href = event.returnUrl; // redirect to the return Url
 });

The CSP error is caused as your redirect URL is not registered in the CSP rule. But it doesn't matter to redirect your page to the target page with the code above. 

6 replies

S
Docusign Employee
Forum|alt.badge.img+7
  • Sai.DandamudiDocusign Employee
  • Docusign Employee
  • March 19, 2024

Team

 

I'm Sai with DocuSign Developer Support. Could you please:

Enable API logging and re-produce your use case, then attach to the case.
Record a HAR file of the error, export and attach to the case (Here is how to do this: https://help.okta.com/oag/en-us/content/topics/access-gateway/troubleshooting-with-har.htm)
Export the console logs of the error and attach to the case (Here is how to do this: https://support.shortpoint.com/support/solutions/articles/1000222881-save-browser-console-file)
Here are the instructions for API logging: 

The API Request Logs show the exact API request received by DocuSign which will provide more clues on what's happening. API Request logs are user dependent and when making calls using the DocuSign API via your app, the activity would be logged to the DocuSign user making the API calls. 

To get the API Request Logs, login to the DocuSign user that makes the API calls to create the envelopes:
1) You would click your Profile image, and select My Preferences in the dropdown menu. 
2) Clear logs if there are any.
3) Make sure logging is enabled.
4) Click Save. 
5) Run your process via your application to send the DocuSign envelope. 
6) Once that completes, refresh the General Settings page in DocuSign and click Download. 
7) You can then send over the zip folder for us to review (there should be a file in that zip folder with a name that includes something like "Created_CreateEnvelope" if the call completes successfully or “BadRequest” if you got an error.


This article includes visual steps for capturing API Request Logging: https://support.docusign.com/en/guides/ndse-user-guide-api-request-logging

 

Please open a support case with DS with all the details above as there is an existing investigation going on this issue.

 

"Select as Best" below if you find the answer a valid solution to your issue and mark it as resolved.

--
Thanks & Regards

Sai HariPriya Dandamudi | Developer Support Engineer | DocuSign

 

P
P
Newcomer
Forum|alt.badge.img+1
  • paoloNewcomer
  • Newcomer
  • May 30, 2024

Any update here?

S
New Voice
Forum|alt.badge.img+1
  • SergioGNew Voice
  • New Voice
  • May 31, 2024

Same problem with Node SDK, everything works fine, but on redirect the iframe throw the error

Refused to frame 'https://myapp.url/' because it violates the following Content Security Policy directive: "frame-src 'self' https://docucdn-a.akamaihd.net/ https://apps-d.docusign.com https://demo.docusign.net https://account-d.docusign.com https://proof-d.docusign.net https://identity-d.docusign.net https://azure-demo.docusign.com https://content.googleapis.com https://docs.google.com https://players.brightcove.net https://www.youtube.com https://accounts.google.com https://docusign.sjv.io https://apps.usw2.pure.cloud https://docusign.co1.qualtrics.com/ https://sawmill-stage.docusigntest.com https://docusign.okta.com https://demo.forms.docusign.com".

RecipientViewRequest definitions:

viewRequest.frameAncestors = ['https://myapp.url', 'https://apps-d.docusign.com']
viewRequest.messageOrigins = ['https://apps-d.docusign.com']

Was there a solution to the problem that you can share?

 

Thanks in advance.

 

B
Docusign Employee
Forum|alt.badge.img+8
  • Byungjae.ChungDocusign Employee
  • Docusign Employee
  • Answer
  • June 20, 2024

By design, the focused view allows the customer to do whatever they need to do on the page by using the event handlers. That is, even though you get the CSP error, you can redirect the page by adding the line "window.top.location.href" under "sessionEnd" event handler like the below:

signing.on('sessionEnd', (event) => {
 console.log('sessionend', event);
 window.top.location.href = event.returnUrl; // redirect to the return Url
 });

The CSP error is caused as your redirect URL is not registered in the CSP rule. But it doesn't matter to redirect your page to the target page with the code above. 

Renan.Araujo
S
New Voice
Forum|alt.badge.img+1
  • SergioGNew Voice
  • New Voice
  • June 28, 2024

Yes I am using the 'sessionEnd' event but I am not redirecting to another page, everything is done within the same page.

Actually in 'sessionEnd' I hide the element where the document is rendered, but if the document is rejected it is redirected inside the ds generated iframe and the error is fired, it does not affect the user but the error is registered in console.

V
Newcomer
Forum|alt.badge.img+2
  • virginiafNewcomer
  • Author
  • Newcomer
  • June 29, 2024

Byungjae.Chung  solutions solved my problem, it bypasses the error and redirects the page.Thanks!

Code of ConductAccessibility statement

Docusign Community

Code of Conduct