Overview
Users are unable to successfully upload videos when using Chromium-based browsers like Google Chrome (v90+) and Microsoft Edge (v90+). The frame where the uploaded video should show, instead shows a home page or broken authentication page. Clicking the “publish” button does nothing. Not reproducible in Safari or Firefox. You may also see an error saying, "Your API signature has expired. Please request a new one and try again".
The below screenshots show examples of how the video frame may look after an upload.
Prerequisites
- The instance is configured to use Hyland/Twistage for video.
- If the instance has been migrated to Jive Video on AWS, the issue should no longer appear.
Solution
Root Cause
There has been a configuration change in Chrome version 90, where the browser is configured to treat cookies that don’t specify a SameSite attribute as if they were SameSite=Lax. This is causing some of Jive’s cookies to be blocked. This error appears in Google Chrome v90 and higher and also in Microsoft Edge v90 and higher because Edge is based on the Chromium engine of Chrome. It is likely to affect other Chromium-based browsers as well.
<supportagent>
See Jira JVHOPST 50995 for the RCA.
See Jira JVHOPST 51097 for the Solution - fixed on HOPS 9.8.0.
</supportagent>
For Hosted/On-Premises:
This issue has been fixed in Jive Hosted/On-Premises version 9.8.0. For earlier versions of Jive, the below changes are required in apache httpd settings.
- On all Jive server nodes, check if Jive’s httpd service is running.
- Run the command:
jive status httpd
- This should return:
httpd running=XXXX enabled
- Run the command:
- Add the below snippet after the last LoadModule directive in
/usr/local/jive/etc/httpd/conf/httpd.conf
(around Line 90) on all Jive server nodes on which Jive's httpd service is running:<IfModule headers_module> Header edit Set-Cookie "^(?!.*(\s+|;)(?i)SameSite=)(.*)" "$0; SameSite=None" </IfModule>
- Restart Jive's httpd service on all Jive server nodes on which Jive's httpd service is running:
jive restart httpd
- Make sure the below Jive property is set:
-
jive.cookies.secure = true
- You can check this in Admin Console > System > Management > System Properties.
-
- After any Hosted/On-Premise upgrade that doesn’t include the fix from Jive 9.8.0, the above steps need to be repeated.
For Cloud:
This issue should not occur once the video provider is migrated from Hyland/Twistage to Jive Video on AWS. You can check if this has been done on your instance by following the below steps:
- Navigate to Admin Console > System > Management > System Properties.
- Check if below property is set:
jive.video.aws.enabled = true
- If it is true, then the instance has been migrated to Jive AWS Video.
Workaround:
In case you are not able to apply any of the above solutions, you can apply a workaround that involves starting Chrome and Edge with custom command-line arguments.
- Right-click the desktop shortcut for Chrome/Edge and add the following command-line flag in the Target section: --disable-features=SameSiteByDefaultCookies
- Apply the changes, close all Chrome/Edge browser windows and start them again from the shortcut.
Note: The above workaround will only work for Chrome & Edge versions older than 94, as support for these arguments is being removed in Chrome 94 (expected to be in a stable release on Sep 21, 2021).
Testing
Users should be able to upload videos and view them successfully after the videos complete processing.
Comments
0 comments
Please sign in to leave a comment.