[OSM-talk] software requirements for OSM Editor: Firefox
Tom Hughes
tom at compton.nu
Fri Oct 6 11:41:40 UTC 2023
On 06/10/2023 12:12, Martin Trautmann wrote:
> On 23-10-06 12:55, Tom Hughes via talk wrote:
>> No it was released in June 2020. October 2021 was the last
>> security patches.
>>
>> To answer the original question there have been any deliberate
>> changes that I know but given the error it's entirely possible
>> that FF has fixed something in what CSP rules it checks for what
>> requests.
>
> I doubt that since FF did not see any changes here for some time,
> unfortunately. So it appears to be from an OSM editor's change.
I think you misunderstood what I was saying.
My hypothesis is that something in iD has started using a data URL
where it didn't before and that is triggering a latent bug in your
version of firefox (in that it is checking that URL against the
media-src rule in our security policy) while newer versions of
firefox are checking it against some other rule.
Without knowing more about which load is being blocked it's not
really possible to say more and I might be totally wrong as I'm
just guessing from the limited information available.
Tom
--
Tom Hughes (tom at compton.nu)
http://compton.nu/
More information about the talk
mailing list