RSS RSS RSS RSS Facebook Twitter Email
Paizo People
Peacock Spirit

styx31's page

3 posts. No reviews. No lists. No wishlists.


Profile
Aliases
Campaigns
Posts
Threads
Favorited by Others
Reviews
Wishlists
RSS
Search Posts

Search styx31's posts:


Always redirected to HTTP (not HTTPS) version, cross-site-origin blocked on firefox

Hi,

https://paizo.com is always returning a "302" redirect response status code, redirecting to non-secure website http://paizo.com. (why ?)

Tested on Chrome (68) and Firefox (61), with or without private mode.

The problem is that most of the CSS/Fonts resources or ajax requests are strictly using https and are blocked by cross origin checks *on Firefox only*.

Example of message: Access to Font at 'https://paizo.com/include/fonts/OpenSans-Regular/OpenSans-Regular.woff' from origin 'http://paizo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://paizo.com' is therefore not allowed access.

Because the forum content is loaded using Ajax request, all forums are blank on Firefox.

The only way to browse or post new messages is to use MS Edge on windows (or disable XSS checks).

Edit: please also note that the status code returned is "302 Apple" ??
Wayfinder #1 (OGL)
Kajehase wrote:
[...], so you'll have to do it yourselves ;)

For sure we will ! I hope that we will be able to publish them more quickly than this first one.

Wayfinder #1 (OGL)

Thanks to all the Wayfinder team, and the team of the French Pathfinder Community Website, Wayfinder #1 is now available in French !

All details here : http://www.pathfinder-fr.org/Wiki/Golarion.Wayfinder.ashx?NoRedirect=1& NS=Golarion

Now, we will try to translate the two remaining issues.