On 23-10-06 13:41, Tom Hughes wrote:
On 06/10/2023 12:12, Martin Trautmann wrote:
On 23-10-06 12:55, Tom Hughes via talk wrote:
No it was released in June 2020. October 2021 was the last
security patches.
To answer the original question there have been any deliberate
changes that I know but given the error it's entirely possible
that FF has fixed something in what CSP rules it checks for what
requests.
I doubt that since FF did not see any changes here for some time,
unfortunately. So it appears to be from an OSM editor's change.
I think you misunderstood what I was saying.
My hypothesis is that something in iD has started using a data URL
where it didn't before and that is triggering a latent bug in your
version of firefox (in that it is checking that URL against the
media-src rule in our security policy) while newer versions of
firefox are checking it against some other rule.
Thanks - that does clarify the issue. But as you say, "something in iD
has started" - so it's a change within OSM's editor, which does break
old systems.
Maybe it's a reasonable and necessary change for ID - but maybe it isn't!
Without knowing more about which load is being blocked it's not
really possible to say more and I might be totally wrong as I'm
just guessing from the limited information available.
I agree - but I don't know where else to report this malfunction. It's
obvious that one part of this bug is an outdated FF version. But that
does not mean that those have to be excluded.
_______________________________________________
talk mailing list
talk@openstreetmap.org
https://lists.openstreetmap.org/listinfo/talk
