6 paź 2023, 13:57 od tr...@gmx.de:
> On 23-10-06 13:41, Tom Hughes wrote:
>
>> On 06/10/2023 12:12, Martin Trautmann wrote:
>>
>>> On 23-10-06 12:55, Tom Hughes via talk wrote:
>>>
>>>> No it was released in June 2020. October 2021 was the last
>>>> security patches.
>>>>
>>>> To answer the original question there have been any deliberate
>>>> changes that I know but given the error it's entirely possible
>>>> that FF has fixed something in what CSP rules it checks for what
>>>> requests.
>>>>
>>>
>>> I doubt that since FF did not see any changes here for some time,
>>> unfortunately. So it appears to be from an OSM editor's change.
>>>
>>
>> I think you misunderstood what I was saying.
>>
>> My hypothesis is that something in iD has started using a data URL
>> where it didn't before and that is triggering a latent bug in your
>> version of firefox (in that it is checking that URL against the
>> media-src rule in our security policy) while newer versions of
>> firefox are checking it against some other rule.
>>
>
> Thanks - that does clarify the issue. But as you say, "something in iD
> has started" - so it's a change within OSM's editor, which does break
> old systems.
>
> Maybe it's a reasonable and necessary change for ID - but maybe it isn't!
>
>
>> Without knowing more about which load is being blocked it's not
>> really possible to say more and I might be totally wrong as I'm
>> just guessing from the limited information available.
>>
>
>
> I agree - but I don't know where else to report this malfunction. It's
> obvious that one part of this bug is an outdated FF version. But that
> does not mean that those have to be excluded.
>
>
If you track down which exact change
changed things then maybe it would make sense to report it
(You can try older iD versions and revisions)
In general I would strongly recommend
not using such ancient and insecure browser.
You can setup dual booting, get new see
computer, move that setup to VM, replace that software...
_______________________________________________
talk mailing list
talk@openstreetmap.org
https://lists.openstreetmap.org/listinfo/talk
