
styx31 |

Hi,
https://paizo.com is always returning a "302" redirect response status code, redirecting to the non-secure website http://paizo.com. (Why?)
Tested on Chrome (68) and Firefox (61), with or without private mode.
The problem is that most of the CSS/font resources or Ajax requests are strictly using https and are blocked by cross-origin checks *on Firefox only*.
Example of message: Access to Font at 'https://paizo.com/include/fonts/OpenSans-Regular/OpenSans-Regular.woff' from origin 'http://paizo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://paizo.com' is therefore not allowed access.
Because the forum content is loaded using Ajax requests, all forums are blank on Firefox.
The only way to browse or post new messages is to use MS Edge on Windows (or disable XSS checks).
Edit: please also note that the status code returned is "302 Apple" ??