Recent answers to Use offline 360 virtual tourhttps://support.mozilla.org/km/questions/12647252019-07-15T11:39:53-07:00Thanks again.
FireFox has been the only browser that would let me play the tours offline, but I gues2019-07-15T11:39:53-07:00streamcommunicationshttps://support.mozilla.org/km/questions/1264725#answer-1237765<p>Thanks again.
</p><p>FireFox has been the only browser that would let me play the tours offline, but I guess I now need to find a different solution.
</p><p>I appreciate your help.
</p>Unfortunately, those messages don't provide specific enough information. These are the messages I ge2019-07-15T07:55:14-07:00jscher2000https://support.mozilla.org/km/questions/1264725#answer-1237708<p>Unfortunately, those messages don't provide specific enough information. These are the messages I get:
</p><p>(1) Fonts not loading
</p><p>Many like this:
</p><p>Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///C:/&lt;redacted&gt;/Broiler%20and%20Breeder%20HTML/fonts/Oswald-RegularItalic.ttf
</p><p>(2) WebGL texture not loading
</p><p>Error: WebGL warning: texImage2D: Cross-origin elements require CORS.
</p><p>These CORS (cross-origin) errors are due to the security patch in Firefox 68.
</p>
<hr>
<p>If I make the about:config preference change I mentioned before and reload the page (Ctrl+r), then I get warehouses.
</p><p>I realize this is inconvenient for your clients to have to change a setting, but obviously you can blame it on Firefox fixing a security issue.
</p>
<hr>
<p>I thought I would compare in Chrome, and I get a popup that says "This virtual tour cannot be played from a local drive. Please upload it to the internet and try again."
</p><p>I don't know whether that is due to my configuration, or something built-in to the library you're using.
</p>Thank you very much for your reply.
My main issue is this....
My clients need to be able to play the2019-07-15T06:35:18-07:00streamcommunicationshttps://support.mozilla.org/km/questions/1264725#answer-1237669<p>Thank you very much for your reply.
</p><p>My main issue is this....
</p><p>My clients need to be able to play these tours offline, and they aren't going to know how, or want to do any special config's to make them work, so it's my job now to figure out how to make firefox work again...&nbsp;:-(
</p><p>Attached are the alerts I'm getting.
</p>Hi Tony, I have a theory.
Firefox 68 contains a security patch which restricts the kinds of files th2019-07-15T06:26:38-07:00jscher2000https://support.mozilla.org/km/questions/1264725#answer-1237664<p>Hi Tony, I have a theory.
</p><p>Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and loading methods) when you open them <strong>from a file:// URL</strong>. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit.
</p><p>Since you are setting up the object with a script, that may be subjected to higher restrictions than predefined objects.
</p><p><em><strong>Confirming the Theory</strong></em>
</p><p>You can check for messages in Firefox's Web Console, part of the developer tools you can open in the lower part of the tab. Either:
</p>
<ul><li> "3-bar" menu button &gt; Web Developer &gt; Web Console
</li><li> (menu bar) Tools &gt; Web Developer &gt; Web Console
</li><li> (Windows) Ctrl+Shift+k
</li></ul>
<p>Then reload the page in the upper part of the tab and watch for new messages. In particular, anything similar to the following is an important clue:
</p><p>Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///&lt;your URL&gt; (Reason: CORS request not http).
</p><p>Related article: <a href="https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp" rel="nofollow">https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp</a>
</p><p><em><strong>Workaround</strong></em>
</p><p>You can roll back the patch as follows:
</p><p>(1) In a new tab, type or paste <strong>about:config</strong> in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.
</p><p>(2) In the search box above the list, type or paste <strong>uniq</strong> and pause while the list is filtered
</p><p>(3) Double-click the <strong>privacy.file_unique_origin</strong> preference to switch the value from true to false
</p><p>To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.
</p>Here's the HTML files in case you want to test it
LINK
2019-07-15T05:31:42-07:00streamcommunicationshttps://support.mozilla.org/km/questions/1264725#answer-1237635<p>Here's the HTML files in case you want to test it
<a href="https://www.dropbox.com/s/ebfa2qk4jj5519m/Broiler%20and%20Breeder%20HTML.zip?dl=0" rel="nofollow">LINK</a>
</p>