it also says:
[Report Only] Refused to execute inline script because it violates the
following Content Security Policy directive: "script-src 'none'". Either
the 'unsafe-inline' keyword, a hash
('sha256-Ok3h3KQPImLDeT+nhkULWiXKkOr97POy3UBjaF1lQzM='), or a nonce
('nonce-...') is required to enable inline execution.__history__.html?0:88 [Report Only] Refused to load the script ' https://ssl.google-analytics.com/ga.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback. On Fri, Dec 30, 2022 at 9:55 AM V. Alex Brennen <[email protected]> wrote: > Hi David, > > The issue that was causing the failure of your timeline to load has been > corrected through a small code update on the Simile server. > > The system's ability to deliver your code to render your page should be > stable now and I do not expect that you'll have further issues. > > My apologies, for the amount of time it took to correct this problem. > Holiday travel and commitments made tracking down this difficult to > identify problem and correcting it rather challenging. Things were working > for me in some browsers (and browser versions). But, not in others. I've > verified that your asu.edu website is now working correctly for me in all > major web browsers. > > I believe all issues with all sites are corrected at this point. But, I > will be keeping an eye on this Google group to make sure no one else is > having issues. > > I would like to 2nd Dr. Karger's recommendation of using relative protocol > URLs (such as "//api.simile-widgets.org" rather than " > http://api.simile-widgets.org/"; or "https://api.simile-widgets.org/";) is > webpages using Simile javascript. Browser companies (Google, Mozilla, and > Microsoft) have been pushing hard to have websites use TLS (https). This > push includes standards work with W3C on http, hsts, and related protocols > involving security headers and automatic protocol upgrades. The push for > https content extends to the Google Search Engine down ranking content > served over http in search results. > > For anyone that is not currently using https based webpages due to a lack > of security certificate, the EFF's "Let's Encrypt" project provides free > and automatically renewing web server security certificates. > > - Alex > > On Thursday, December 22, 2022 at 7:06:19 PM UTC-5 David Van Fleet wrote: > >> I had this working fine but awhile back someone noted that it was no >> longer working >> I need help!!! >> https://www.public.asu.edu/~vanfleet/history/mgt_timeline.htm >> > -- > You received this message because you are subscribed to the Google Groups > "SIMILE Widgets" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/simile-widgets/ceba9c7a-5a90-488b-b08c-4f8b5c4eedden%40googlegroups.com > <https://groups.google.com/d/msgid/simile-widgets/ceba9c7a-5a90-488b-b08c-4f8b5c4eedden%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "SIMILE Widgets" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/simile-widgets/CAJ%2BrWJms8kvXy_P5HL0-Z49x%3Dsp0cSyuEsfC__DeOg56f9x4xw%40mail.gmail.com.
