https://contest.newyorker.com/CaptionContest.aspx?tab=winner
Can anyone see the cartoon? I can't, at least not in Pale Moon. However, if I page through the media section of the the Page Info, it's there (http://www.newyorker.com/wp-content/uploads/2018/01/180129_contest-690.jpg; you'll have close and re-open the Page Info to see it), but it's not scaled correctly, and it still will not render on the page.
Edit: Win7 x64
Can Anyone See the Cartoon?
Moderator: trava90
Forum rules
This board is for technical/general usage questions and troubleshooting for the Pale Moon browser only. The main focus here is on Pale Moon on Windows. Please direct your questions that are specific for Linux and Mac to the dedicated boards for those operating systems.
Technical issues and questions not related to the Pale Moon browser should be posted in other boards!
Please keep off-topic and general discussion out of this board, thank you!
This board is for technical/general usage questions and troubleshooting for the Pale Moon browser only. The main focus here is on Pale Moon on Windows. Please direct your questions that are specific for Linux and Mac to the dedicated boards for those operating systems.
Technical issues and questions not related to the Pale Moon browser should be posted in other boards!
Please keep off-topic and general discussion out of this board, thank you!
-
sevendy
Can Anyone See the Cartoon?
Last edited by sevendy on 2018-02-27, 20:51, edited 1 time in total.
-
Night Wing
- Knows the dark side
- Posts: 4469
- Joined: 2011-10-03, 10:19
- Location: Texas, USA
Re: Can Anyone See the Cartoon?
I get the same results as you and I'm using 64 bit linux Pale Moon (27.7.2).
Linux Mint 20.1 (Ulyssa) Xfce 64 Bit with 64 Bit linux Pale Moon
Re: Can Anyone See the Cartoon?
about:config
searching for: security.csp.enable
double click to false, reload the page
Gets shown
searching for: security.csp.enable
double click to false, reload the page
Gets shown
-
sevendy
Re: Can Anyone See the Cartoon?
Thanks, I noted some type of security warning on the location bar, but "disabling protection" there didn't help.
So, is disabling "security.csp.enable" universally safe to do? Firefox and Waterfox (yeah, I'm still trying to decide who to go with) also has "security.csp.enable = true" without this problem.
So, is disabling "security.csp.enable" universally safe to do? Firefox and Waterfox (yeah, I'm still trying to decide who to go with) also has "security.csp.enable = true" without this problem.
Re: Can Anyone See the Cartoon?
The problem is that they are trying to serve over https but are doing it wrong.
Their CSP indicates image sources may only be loaded over https but their cartoon is served over http.
Normally mixed-mode images are allowed but their own CSP rule blocks it.
Disabling CSP overall in the browser is NOT a good idea, because it will be your primary defense against XSS (cross-site-scripting) attacks.
Please contact the New Yorker and let them know of these issues -- they need to host everything on https if they are going to enforce it.
Their CSP indicates image sources may only be loaded over https but their cartoon is served over http.
Normally mixed-mode images are allowed but their own CSP rule blocks it.
Disabling CSP overall in the browser is NOT a good idea, because it will be your primary defense against XSS (cross-site-scripting) attacks.
Please contact the New Yorker and let them know of these issues -- they need to host everything on https if they are going to enforce it.
"Son, in life you do not fight battles because you expect to win, you fight them merely because they need to be fought." -- Snagglepuss
