Development news: First update in a long while !

Read and comment on the latest community news and site updates.
User avatar
Unas
Admin / Site programmer
Posts: 8850
Joined: Tue Jul 10, 2007 4:43 pm
Gender: Male
Spoken languages: Français, English, Español
Contact:

Re: Development news: First update in a long while !

Post by Unas »

From what I read, I guess privacy badger is indeed including a specific CSS file in all pages you load in order to prevent social network widgets from displaying, and therefore tracking the user.

But anyway, now you have your answer indeed ;-)
I'll try to update the script to be more restrictive about the URIs it picks up, maybe excluding all those which are with a different protocol or domain as the current page, but until then you'll have to choose between AAO and PB :-P
ImageImageImage
If knowledge can create problems, it is not through ignorance that we can solve them.
Si le savoir peut créer des problèmes, ce n'est pas l'ignorance qui les résoudra. ( Isaac Asimov )
User avatar
Enthalpy
Community Manager
Posts: 5169
Joined: Wed Jan 04, 2012 4:40 am
Gender: Male
Spoken languages: English, limited Spanish

Re: Development news: First update in a long while !

Post by Enthalpy »

Or he can just keep using Chrome.

I added this one to the bug tracker last night. This problem also breaks the static_test in Chrome, so double the reasons to get this fixed.
[D]isordered speech is not so much injury to the lips that give it forth, as to the disproportion and incoherence of things in themselves, so negligently expressed. ~ Ben Jonson
User avatar
Unas
Admin / Site programmer
Posts: 8850
Joined: Tue Jul 10, 2007 4:43 pm
Gender: Male
Spoken languages: Français, English, Español
Contact:

Re: Development news: First update in a long while !

Post by Unas »

It's not the same thing, though.
  • kwando's issue is that, because of his extension, a new CSS from another domain is added. Same origin policy prevents loading files from other domains through XHR, so the style loader crashes.
    There is a "simple" solution : check the domain before doing the call, so that only CSSs from the same domain as the current page are handled by the style fixer.
  • The Chrome issue in static install is that Chrome's implementation of the same-origin policy when using the file:// protocol is ridiculously restrictive.
    Basically, Firefox considers that files in subfolders of the current page are part of the same domain (so /CSS/*.css are considered part of the same domain as /player.html). This allows everything to work as expected.
    Chrome, on the other hand, considers that different folders are different domains, no matter if they are included or not. So /player.html can not load /CSS/*.css through XHR, period.
So I can fix kwando's issue for Firefox, but static testing in Chrome without using an HTTP server is unfortunately impossible until Chrome decides to update their ridiculous policy.
ImageImageImage
If knowledge can create problems, it is not through ignorance that we can solve them.
Si le savoir peut créer des problèmes, ce n'est pas l'ignorance qui les résoudra. ( Isaac Asimov )
Locked