X
點擊此處開啟此網站的行動版。

技術支援討論區

http://www.walmart.com/store/finder doesn't work properly in latest firefox (non privacy) but ok with microsoft edge

已張貼

I using Firefox 46.0.1 in regular (non private) mode. I went to http://www.walmart.com/store/finder and got the site headers, etc. but no content, no map. Microsoft Edge doesn't have any problem showing the full page. I've noticed this on a few sites lately.

I using Firefox 46.0.1 in regular (non private) mode. I went to http://www.walmart.com/store/finder and got the site headers, etc. but no content, no map. Microsoft Edge doesn't have any problem showing the full page. I've noticed this on a few sites lately.

被選擇的解決方法

Hmm, yes, big empty white space. We both run the NoScript extension, and I noticed this message in the Browser Console when loading the page:

[NoScript] Blocking cross-site Javascript served from http://ll-us-i5.wal.co/dfw/63fd9f59-bd92/k2-_e3db6f3f-bb49-4b26-ad59-3ab8987390ea.v27.js-7a19b435de26ab8b51e5309d2761bcbc83e41a6b with wrong type info application/jav and included by http://www.walmart.com/store/finder

Wrong type info because the server sends "application/jav" instead of "application/javascript". It usually is safest to block mystery content, but assuming you trust this server:

Users who needed to log in to Walmart discovered this a while ago and a workaround was posted on the NoScript forum here: https://forums.informaction.com/viewtopic.php?p=81213#p81213

In summary:

(0) Select and copy the following (it's a pattern that matches the URL of the script files you want to run):

.wal.co/*.js*

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste noscript.i and pause while the list is filtered

(3) Double-click the noscript.inclusionTypeChecking.exceptions preference and edit it as follows:

(A) Press the Home key on the keyboard to position the cursor at the very beginning of the preference value (or click there using the mouse)

(B) Paste the pattern and then type a space to separate it from the default exceptions

(C) Click OK to save it

Then reload the store finder page and it should show the map and location search box.

從原來的回覆中察看解決方案 1

額外的系統細節

已安裝的外掛程式

  • ActiveTouch General Plugin Container Version 105
  • Adobe PDF Plug-In For Firefox and Netscape 15.10.20056
  • Citrix Online App Detector Plugin
  • GEPlugin
  • Google Update
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 11.91.2 for Mozilla browsers
  • The plugin allows you to have a better experience with Microsoft SharePoint
  • LastPass Plugin
  • BlackBerry WebSL Browser Plug-In
  • Shockwave Flash 21.0 r0
  • Adobe Shockwave for Director Netscape plug-in, version 12.1.9.160
  • 5.1.41212.0
  • VLC media player Web Plugin

應用程式

  • Firefox 46.0.1
  • 使用者代理:Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
  • 技術支援網址:https://support.mozilla.org/1/firefox/46.0.1/WINNT/en-US/

擴充套件

  • Adblock Plus 2.7.3 ({d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d})
  • Firefox Hello 1.2.6 (loop@mozilla.org)
  • FlashGot 1.5.6.13 ({19503e42-ca3c-4c27-b1e2-9cdb2170ee34})
  • Garmin Communicator 4.1.0.1-signed.1-signed ({195A3098-0BD5-4e90-AE22-BA1C540AFD1E})
  • HTML5 Video Everywhere! 0.3.4 (html5-video-everywhere@lejenome.me)
  • LastPass 3.3.1 (support@lastpass.com)
  • Logitech SetPoint 6.5 ({F003DA68-8256-4b37-A6C4-350FA04494DF})
  • Multi-process staged rollout 1.0 (e10srollout@mozilla.org)
  • Norton Identity Safe 2016.6.0.66 ({C1A2A613-35F1-4FCF-B27F-2840527B6556})
  • NoScript 2.9.0.11 ({73a6fe31-595d-460b-a920-fcc0f8843232})
  • Pocket 1.0 (firefox@getpocket.com)
  • Saved Password Editor 2.9.6 (savedpasswordeditor@daniel.dawson)
  • The Camelizer - Price Tracker 2.8.2 (izer@camelcamelcamel.com)
  • UnPlug 2.059 (unplug@compunach)
  • WOT 20151208 ({a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7})

JavaScript

  • incrementalGCEnabled: True

圖形

  • adapterDescription: Intel(R) HD Graphics 4000
  • adapterDescription2:
  • adapterDeviceID: 0x0166
  • adapterDeviceID2:
  • adapterDrivers: igdumdim64 igd10iumd64 igd10iumd64 igdumdim32 igd10iumd32 igd10iumd32
  • adapterDrivers2:
  • adapterRAM: Unknown
  • adapterRAM2:
  • adapterSubsysID: 058f1028
  • adapterSubsysID2:
  • adapterVendorID: 0x8086
  • adapterVendorID2:
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 10.0.10586.0
  • driverDate: 8-17-2015
  • driverDate2:
  • driverVersion: 10.18.10.4276
  • driverVersion2:
  • info: {u'AzureCanvasBackend': u'direct2d 1.1', u'AzureFallbackCanvasBackend': u'cairo', u'AzureContentBackend': u'direct2d 1.1', u'AzureSkiaAccelerated': 0}
  • isGPU2Active: False
  • numAcceleratedWindows: 1
  • numTotalWindows: 1
  • supportsHardwareH264: Yes
  • webglRenderer: Google Inc. -- ANGLE (Intel(R) HD Graphics 4000 Direct3D11 vs_5_0 ps_5_0)
  • windowLayerManagerRemote: True
  • windowLayerManagerType: Direct3D 11

修改過的偏好設定

其他

  • User JS: 否
  • 輔助功能: 是
jscher2000
  • Top 10 Contributor
8637 個解決方法 70648 個答案

選擇的解決方法

Hmm, yes, big empty white space. We both run the NoScript extension, and I noticed this message in the Browser Console when loading the page:

[NoScript] Blocking cross-site Javascript served from http://ll-us-i5.wal.co/dfw/63fd9f59-bd92/k2-_e3db6f3f-bb49-4b26-ad59-3ab8987390ea.v27.js-7a19b435de26ab8b51e5309d2761bcbc83e41a6b with wrong type info application/jav and included by http://www.walmart.com/store/finder

Wrong type info because the server sends "application/jav" instead of "application/javascript". It usually is safest to block mystery content, but assuming you trust this server:

Users who needed to log in to Walmart discovered this a while ago and a workaround was posted on the NoScript forum here: https://forums.informaction.com/viewtopic.php?p=81213#p81213

In summary:

(0) Select and copy the following (it's a pattern that matches the URL of the script files you want to run):

.wal.co/*.js*

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste noscript.i and pause while the list is filtered

(3) Double-click the noscript.inclusionTypeChecking.exceptions preference and edit it as follows:

(A) Press the Home key on the keyboard to position the cursor at the very beginning of the preference value (or click there using the mouse)

(B) Paste the pattern and then type a space to separate it from the default exceptions

(C) Click OK to save it

Then reload the store finder page and it should show the map and location search box.

Hmm, yes, big empty white space. We both run the NoScript extension, and I noticed this message in the Browser Console when loading the page: <blockquote>[NoScript] Blocking cross-site Javascript served from http://ll-us-i5.wal''.''co/dfw/63fd9f59-bd92/k2-_e3db6f3f-bb49-4b26-ad59-3ab8987390ea.v27.js-7a19b435de26ab8b51e5309d2761bcbc83e41a6b with wrong type info application/jav and included by http://www.walmart''.''com/store/finder</blockquote> Wrong type info because the server sends "application/jav" instead of "application/javascript". It usually is safest to block mystery content, but assuming you trust this server: Users who needed to log in to Walmart discovered this a while ago and a '''workaround''' was posted on the NoScript forum here: https://forums.informaction.com/viewtopic.php?p=81213#p81213 '''In summary:''' (0) Select and copy the following (it's a pattern that matches the URL of the script files you want to run): .wal.co/*.js* (1) In a new tab, type or paste '''about:config''' in the address bar and press Enter/Return. Click the button promising to be careful. (2) In the search box above the list, type or paste '''noscript.i''' and pause while the list is filtered (3) Double-click the '''noscript.inclusionTypeChecking.exceptions''' preference and edit it as follows: (A) Press the Home key on the keyboard to position the cursor at the very beginning of the preference value (or click there using the mouse) (B) Paste the pattern and then type a space to separate it from the default exceptions (C) Click OK to save it Then reload the store finder page and it should show the map and location search box.

由 jscher2000 於 修改

jscher2000
  • Top 10 Contributor
8637 個解決方法 70648 個答案

For other sites, you'll need to mention the URL when you run across it again.

For other sites, you'll need to mention the URL when you run across it again.

提出問題者

http://store.hp.com/us/en/ContentView?eSpotName=PrinterFinder&storeId=10151&catalogId=10051&langId=-1 does the same thing.

As far as I can see, neither Firefox nor LastPass have "Browser Console". How do I find it?

http://store.hp.com/us/en/ContentView?eSpotName=PrinterFinder&storeId=10151&catalogId=10051&langId=-1 does the same thing. As far as I can see, neither Firefox nor LastPass have "Browser Console". How do I find it?

提出問題者

I find it difficult to believe that all these sites just changed that part of their content. So I suspect the LastPass has started to enforce additional restrictions. If the site is whitelisted, I wonder why it is quibbling about "application/jav" instead of "application/javascript"

I find it difficult to believe that all these sites just changed that part of their content. So I suspect the LastPass has started to enforce additional restrictions. If the site is whitelisted, I wonder why it is quibbling about "application/jav" instead of "application/javascript"

提出問題者

I posted to LastPass support asking for a generic fix.

I posted to LastPass support asking for a generic fix.
jscher2000
  • Top 10 Contributor
8637 個解決方法 70648 個答案

Not LastPass, NoScript.

You can open Firefox's Browser Console using either:

  • Ctrl+Shift+j
  • menu button > Developer > Browser Console

NoScript is protecting against an attack where a tag in a page pulls a non-matching content type from a different server as a way to bypass the normal security checks for that other content type. It doesn't matter whether the two sites are trusted, because it is intended to protect against cross-site attacks.

The HP page doesn't give that specific error, so it probably is something else (I'll look into it a bit more).

Not LastPass, NoScript. You can open Firefox's Browser Console using either: * Ctrl+Shift+j * menu button > Developer > Browser Console NoScript is protecting against an attack where a tag in a page pulls a non-matching content type from a different server as a way to bypass the normal security checks for that other content type. It doesn't matter whether the two sites are trusted, because it is intended to protect against cross-site attacks. The HP page doesn't give that specific error, so it probably is something else (I'll look into it a bit more).
cor-el
  • Top 10 Contributor
  • Moderator
17416 個解決方法 157344 個答案

On the http://store.hp.com it is a problem with third-party cookies. I see the content if I create an "allow for session" cookie exception.

Every now and then I see threads where specific content gets blocked because of such a cookie issue. If content is loaded in an iframe then you can check if it works if you temporarily allow all third-party cookies and if that helps check the domain of the URL in the iframe and create an exception and check again if that works. I personally don't like to enable third-party cookies by default because you end up with a lot of unnecessary cookies.

On the http://store.hp.com it is a problem with third-party cookies. I see the content if I create an "allow for session" cookie exception. *http://sidekick-hp.elasticbeanstalk.com Every now and then I see threads where specific content gets blocked because of such a cookie issue. If content is loaded in an iframe then you can check if it works if you temporarily allow all third-party cookies and if that helps check the domain of the URL in the iframe and create an exception and check again if that works. I personally don't like to enable third-party cookies by default because you end up with a lot of unnecessary cookies.
jscher2000
  • Top 10 Contributor
8637 個解決方法 70648 個答案

On HP, I had to allow a lot of domains in NoScript that I haven't allowed before in order to get the frame content to load. I have attached a screenshot. My testing was inconsistent, and I often reloaded using Ctrl+Shift+r (reload bypassing the cache) to force a full reload of the framed page. I'm not sure why it's so finicky.

On HP, I had to allow a lot of domains in NoScript that I haven't allowed before in order to get the frame content to load. I have attached a screenshot. My testing was inconsistent, and I often reloaded using Ctrl+Shift+r (reload bypassing the cache) to force a full reload of the framed page. I'm not sure why it's so finicky.