Cannot decrypt the content - application in iframe in safari


just upgraded silkUI to 2.2.2 but now I am getting this error when having a application in an iframe in safari:

Cannot decrypt the content

at OutSystems.RuntimeCommon.Cryptography.SymmCryptHelper.DecryptThenMacWithAESDotNet(Byte[] keyBytes, Byte[] allBytes, Byte[] associatedData)
   at OutSystems.HubEdition.WebWidgets.OSPageViewStateCompressed.DeserializeViewState(String viewState, String& hash)


That doesn't look like it's anything related to silk.

One of the latest platform security upgrades included viewstate encryption and that's what is causing your that problem.

I recommend you reading about cross-domain iframes and cookies in safari (it probably also affects IE in the same way, since both browsers have the same iframe restrictions), that is most likely the cause of your issue.

João Rosado 

Agreed, reading somewhat more and I noticed we had indeed some crossdomain issues.

Funny enough it's only happening so far in safari.

ah well, out of my hands atm :)


I have searched, but unable to fix it for the iframe.

Guess I have to strip silkUI now, use cookies=false and hopefully that will solve it.

the encryption is indeed something fishy.

Like I said your issue has nothing to do with SilkUI.

Also setting the module to Use Cookies to false will most likely won't help as the problem is not the session cookie.

If you need more help on it I recommend you opening a support case for it.


João rosado

That I figured already :)



Did you ever figure out what the issue was? I have the same problem it seems.




it's a matter of policies with safari and ie.. nothing to do about it.

(always prevent iframes btw  ;) )

J. wrote:


it's a matter of policies with safari and ie.. nothing to do about it.

(always prevent iframes btw  ;) )

Can you explain J. ? I'm getting a lot of issue with this too.

What kind of policies we need?
Maybe this Class (OSPageViewStateCompressed) can perform this problem when AJAX involved. Cause I guess this compressed and encrypt the viewstate

When we are in a web farm this can cause some issues in my research.