Issues with google chrome and chromium, these browser(s) does not support scandic ä and ö with htaccess authorization?
htaccess authorization without ä and ö works fine.
Same htaccess (with ä and ö) works fine with firefox, safari and IE. Is there a way to get around this?
Related
I am porting my chrome extension to Safari. The extension requires the user to sign-in and I use the OAuth code flow, which requires a redirect url.
In Chrome, I can use chrome.runtime.getURL('/mypage.html') as a redirect url because in chrome the extension id is never changed.
In Safari, however, the extension id keeps changing in every (xcode) build. This is similar to the behaviour of Firefox but in Firefox, I can use browser.identity.getRedirectURL(). Although not reachable, it guarantees to stay the same.
As in Safari, there is NO browser.identity and safari-web-extension://<extension-id> is blocked by Safari, what url can I use as a redirect URL?
Please see my reply at the apple forum: https://developer.apple.com/forums/thread/670165?answerId=661186022#661186022
Excerpted from my reply on the Apple Forum:
As a workaround, you may use whatever reachable URL as an OAuth
redirect URL and use webRequest.onBeforeRedirect to capture the
redirect attempt and 'force redirect' e.g. by tabs.update.
Although this will work, it is far from being elegant. It could even
be error-prone. While Firefox offers a decent solution for this, why
safari can't / doesn't. This could be a Safari bug or needs a change
request on Safari.
I haven't heard anything from Apple (as usual).
I'm new to Content-Security-Policy headers, and I've been trying to define our policy to get our app working correctly.
I'm a Google Chrome user, and under Google Chrome, everything seems to be fine. But, under Firefox or Edge, I see something like this:
CSP14309: Unknown directive 'script-src-elem' in
Content-Security-Policy - directive will be ignored.
Why would script-src-elem be unknown in Edge and Firefox, but work correctly in Google Chrome?
What, exactly, is script-src-elem?
Help?
This is a new CSP 3 policy that has so far only been implemented in Chrome, and a handful of smaller browsers (e.g. Opera).
See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src-elem#Specifications
I am writing a node.js application. In which I am trying to encode the url that would show in the address bar of the browser.
For an example: http:/www.abcdefghjs.com?q=This%20is%20good
Chrome shows the url in the address bar with the encoding as below or above url
http:/www.abcdefghjs.com?q=This%20is%20good
IE 11 & FireFox does not showing up the %20 for space, the url in the address bar as below:
http:/www.abcdefghjs.com?q=This is good
Any sort of help is appreciated to fix this for IE11 & Firefox.
NOTE: I have tried both the node.js function encodeURIComponent() and encodeURI(). But noot working in IE11 and FireFox
Is it actually affecting your application? Could be that Firefox is just showing it to you un-encoded but actually sends the request encoded.
Also, how are you navigating to the URL? Are you setting it with JS or are you just clicking a link?
Edit: From a quick google search, for Firefox, it looks like when the URL is already encoded, it displays as decoded in the address bar. If it is not already encoded it will show encoded.
Just as chrispytoes says, it's a browser behavior by design and there's nothing we can do about it. Besides, we can use Fiddler to track the url request. As we can see in the Inspectors, IE actually sends the encoded request though it shows un-encoded in address bar:
So, I have a selfhosted Ghost blog and there are a couple of odd behaviors
URL: https : //prusik.io/jubbaonjeans/
The cover image loads just fine in IE, but refuses to load in Chrome (for Windows and Android) or Firefox. Here's the code from the source:
<header class="main-header " style="background-image: url(/jubbaonjeans/content/images/2015/01/CoverForBlog-7.jpg)">
In addition, I have a script for Disqus comments. Similar behavior where it works in IE, but not Chrome or Firefox
URL: https://prusik.io/jubbaonjeans/mnrega-and-welfare/
I am using the instructions here (https :// help.disqus.com/customer/portal/articles/1454924-ghost-installation-instructions) to enable Disqus on my blog. (odd URL as I am only allowed 2 links in this post)
Finally, the Ghost image uploader (For cover image and post images) throws a weird error. I am still able to upload images, but the error remains. Again, works just fine in IE
Error: https://prusik.io/jubbaonjeans/content/images/2015/01/UploaderIssue.JPG
Also, I was a programmer at one point and now into InfoSec. My knowledge of CSS and HTML5 programming is basic.
Thanks in advance!
On my site served over https a user may enter a URL and preview their entered URL in an embedded iframe.
This iframe is getting blocked by Firefox 23's mixed content blocker by default. I'm wondering if anyone knows of a workaround.
You could try using Snapito! (http://snapito.com).
They have an API that works over https, so if you used their preview you would cease getting mixed content.
HTH