CORS requests get an error and it breaks websites (twitter, tumblr, ...)
Hello,
Until yesterday everything worked perfectly but today some websites that need cross origin request are broken.
For example, Twitter can't load scripts, images and videos from twimg.com and tumblr from media.tumblr and assets.tumblr ...
When I try to just open the image URLs, it says my connection is insecure without error codes.
and the console message redirect me to this : https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSDidNotSucceed which isn't very helpful
I'm on Linux (Arch) if that may be useful.
I tried to backup/delete the certificates but no changes.
So if anyone has an idea about what's happening I'll be glad to get some pointers to fix this problem.
Thanks
Chosen solution
hi, thanks for reporting - it seams to be a problem with the configuration of some cdn nodes that twitter (and some other sites) are using to propagate their content. we're tracking this in https://bugzilla.mozilla.org/show_bug.cgi?id=1488240
a temporary workaround for this until a general fix is in place would be switching security.tls.version.max in about:config to 3. however you should revert that after a couple of days, as it might be detrimental to security in the long term.
Read this answer in context 👍 1All Replies (3)
Chosen Solution
hi, thanks for reporting - it seams to be a problem with the configuration of some cdn nodes that twitter (and some other sites) are using to propagate their content. we're tracking this in https://bugzilla.mozilla.org/show_bug.cgi?id=1488240
a temporary workaround for this until a general fix is in place would be switching security.tls.version.max in about:config to 3. however you should revert that after a couple of days, as it might be detrimental to security in the long term.
Thank you !
Is there a way I can stay informed of the progress of this bug ?
if you create an account on bugzilla you can follow that ticket and get email updates for new comments or a change is status there.