X
Tippen Sie hierhin, um die Version dieser Website für Mobilgeräte aufzurufen.

Hilfeforum

javascript files on local system (WIN10) not loading in 68.0, disable java in about:config HTML displays

Veröffentlicht

This just started, fine yesterday. Looks like the browser is not handling JS correctly.

This just started, fine yesterday. Looks like the browser is not handling JS correctly.

Ausgewählte Lösung

Thanks so much for the workaround!

Diese Antwort im Kontext lesen 0
Zitieren
hellosct1
  • Top 25 Contributor
14 Lösungen 145 Antworten
Veröffentlicht

Hi,

this is the blocked content the configuration of access to the content must be modified as follows

https://support.mozilla.org/en-US/kb/content-blocking

Hi, this is the blocked content the configuration of access to the content must be modified as follows https://support.mozilla.org/en-US/kb/content-blocking
Hat Ihnen das weitergeholfen?
Zitieren

Fragesteller

I am trying to load a local file on my C drive, not from a web site. These instructions apply to web sites. How do I grant permissions for reading local files with embedded javascript?

I am trying to load a local file on my C drive, not from a web site. These instructions apply to web sites. How do I grant permissions for reading local files with embedded javascript?
Hat Ihnen das weitergeholfen?
Zitieren
jscher2000
  • Top 10 Contributor
8578 Lösungen 70132 Antworten
Veröffentlicht

Hi VinceVega, Firefox 68 has a new security patch which limits file:// pages from loading some types of content from file:// URLs. Could you check the Web Console to see whether that is the issue in your case. Here's how:

You can open the Web Console in the lower part of the tab using either:

  • "3-bar" menu button > Web Developer > Web Console
  • (menu bar) Tools > Web Developer > Web Console
  • (Windows) Ctrl+Shift+k

Then reload the page in the upper part of the tab and watch for error or security messages. In particular, do you see

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///<your URL> (Reason: CORS request not http).

Or something else?

Hi VinceVega, Firefox 68 has a new security patch which limits file:// pages from loading some types of content from file:// URLs. Could you check the Web Console to see whether that is the issue in your case. Here's how: You can open the Web Console in the lower part of the tab using either: * "3-bar" menu button > Web Developer > Web Console * (menu bar) Tools > Web Developer > Web Console * (Windows) Ctrl+Shift+k Then reload the page in the upper part of the tab and watch for error or security messages. In particular, do you see Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///<your URL> ([https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp Reason: CORS request not http]). Or something else?

Geändert am von jscher2000

Hat Ihnen das weitergeholfen?
Zitieren

Fragesteller

These are the errors that I get when I try to load the local html file with javascript. Note the char encoding of the HTML is declared:

<meta content="text/html" http-equiv="content-type"> <meta content="UTF-8" http-equiv="charset"> <title>wwhelp_entry.html</title> <script language="JavaScript1.2" type="text/javascript"> . . . ------------------------------------------------------------------- The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. wwhelp.htm The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. api.htm The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. wwhsec.htm The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. switch.htm The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. wwhelp.htm SecurityError: Permission denied to access property "WWHBrowser" on cross-origin object

</script>

These are the errors that I get when I try to load the local html file with javascript. Note the char encoding of the HTML is declared: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <!-- Copyright (c) 2000-2013 Quadralay Corporation. All rights reserved. --> <head> <meta http-equiv="content-type" content="text/html" /> <meta http-equiv="charset" content="UTF-8" /> <title>wwhelp_entry.html</title> <script type="text/javascript" language="JavaScript1.2"> . . . ------------------------------------------------------------------- The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. wwhelp.htm The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. api.htm The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. wwhsec.htm The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. switch.htm The character encoding of the HTML document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the page must be declared in the document or in the transfer protocol. wwhelp.htm SecurityError: Permission denied to access property "WWHBrowser" on cross-origin object
Hat Ihnen das weitergeholfen?
Zitieren
jscher2000
  • Top 10 Contributor
8578 Lösungen 70132 Antworten
Veröffentlicht

Hi VinceVega, I'm not concerned about the character encoding warning. What do you think triggered this last one:

SecurityError: Permission denied to access property "WWHBrowser" on cross-origin object

Does the page use a script to load or switch pages in frames or iframes?

Hi VinceVega, I'm not concerned about the character encoding warning. What do you think triggered this last one: <code>SecurityError: Permission denied to access property "WWHBrowser" on cross-origin object</code> Does the page use a script to load or switch pages in frames or iframes?
Hat Ihnen das weitergeholfen?
Zitieren

Fragesteller

Yes, it does.

Here's the complete file:

<meta content="text/html" http-equiv="content-type"> <meta content="UTF-8" http-equiv="charset"> <title>wwhelp_entry.html</title> <script language="JavaScript1.2" type="text/javascript"> </script>

Yes, it does. Here's the complete file: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <!-- Copyright (c) 2000-2013 Quadralay Corporation. All rights reserved. --> <head> <meta http-equiv="content-type" content="text/html" /> <meta http-equiv="charset" content="UTF-8" /> <title>wwhelp_entry.html</title> <script type="text/javascript" language="JavaScript1.2"> <!-- function WWHHelpFrame_LaunchHelp() { var BaseURL, Parameters, Parts; // Process URL parameters // BaseURL = window.location.href; Parameters = ""; if (BaseURL.indexOf("?") !== -1) { Parts = BaseURL.split("?"); BaseURL = Parts[0]; Parameters = "?" + Parts[1]; } else if (BaseURL.indexOf("#") !== -1) { Parts = BaseURL.split("#"); BaseURL = Parts[0]; Parameters = "#" + Parts.slice(1).join("#"); } BaseURL = BaseURL.substring(0, BaseURL.lastIndexOf("/")); // Sanitize parameters // Parameters = Parameters.replace(/[\\<>:;"']|%5C|%3C|%3E|%3A|%3B|%22|%27/gi, ""); window.setTimeout(function () { window.location.replace(BaseURL + "/wwhelp/wwhimpl/common/html/switch.htm" + Parameters); }, 1); } // --> </script> </head> <body onload="WWHHelpFrame_LaunchHelp();"> <div><a href="wwhelp/books.htm" title="Web Search">Web Search</a></div> </body> </html>
Hat Ihnen das weitergeholfen?
Zitieren
jscher2000
  • Top 10 Contributor
8578 Lösungen 70132 Antworten
Veröffentlicht

I don't know if this is relevant to your files, but at least one help system used to work differently in Firefox vs. Chrome because Firefox offered more scriptability with local files in Firefox 67 and earlier. They plan to change to treating them the same going forward: https://discourse.mozilla.org/t/firefox-68-local-files-now-treated-as-cross-origin-1558299/42493

I don't know if this is relevant to your files, but at least one help system used to work differently in Firefox vs. Chrome because Firefox offered more scriptability with local files in Firefox 67 and earlier. They plan to change to treating them the same going forward: https://discourse.mozilla.org/t/firefox-68-local-files-now-treated-as-cross-origin-1558299/42493
Hat Ihnen das weitergeholfen?
Zitieren
jscher2000
  • Top 10 Contributor
8578 Lösungen 70132 Antworten
Veröffentlicht

Whoops, our posts crossed.

Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp

For now, to make your help system work on file:// URLs, you can roll back the patch as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste uniq and pause while the list is filtered

(3) Double-click the privacy.file_unique_origin preference to switch the value from true to false

To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.

Whoops, our posts crossed. Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and methods of loading) when you open them '''from a file:// URL'''. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit. More info: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp For now, to make your help system work on file:// URLs, you can roll back the patch as follows: (1) In a new tab, type or paste '''about:config''' in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk. (2) In the search box above the list, type or paste '''uniq''' and pause while the list is filtered (3) Double-click the '''privacy.file_unique_origin''' preference to switch the value from true to false To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.
Hat Ihnen das weitergeholfen?
Zitieren

Ausgewählte Lösung

Thanks so much for the workaround!

Thanks so much for the workaround!
Hat Ihnen das weitergeholfen?
Zitieren
Stellen Sie eine Frage

Sie müssen sich mit Ihrem Benutzerkonto anmelden, um auf Beiträge zu antworten. Bitte stellen Sie eine neue Frage, wenn Sie noch kein Benutzerkonto haben.