Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

CORS requests get an error and it breaks websites (twitter, tumblr, ...)

  • 3 replies
  • 1 has this problem
  • 4 views
  • Last reply by philipp

more options

Hello,

Until yesterday everything worked perfectly but today some websites that need cross origin request are broken.

For example, Twitter can't load scripts, images and videos from twimg.com and tumblr from media.tumblr and assets.tumblr ...

When I try to just open the image URLs, it says my connection is insecure without error codes.

and the console message redirect me to this : https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSDidNotSucceed which isn't very helpful

I'm on Linux (Arch) if that may be useful.

I tried to backup/delete the certificates but no changes.

So if anyone has an idea about what's happening I'll be glad to get some pointers to fix this problem.

Thanks

Hello, Until yesterday everything worked perfectly but today some websites that need cross origin request are broken. For example, Twitter can't load scripts, images and videos from twimg.com and tumblr from media.tumblr and assets.tumblr ... When I try to just open the image URLs, it says my connection is insecure without error codes. and the console message redirect me to this : https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSDidNotSucceed which isn't very helpful I'm on Linux (Arch) if that may be useful. I tried to backup/delete the certificates but no changes. So if anyone has an idea about what's happening I'll be glad to get some pointers to fix this problem. Thanks
Attached screenshots

Chosen solution

hi, thanks for reporting - it seams to be a problem with the configuration of some cdn nodes that twitter (and some other sites) are using to propagate their content. we're tracking this in https://bugzilla.mozilla.org/show_bug.cgi?id=1488240

a temporary workaround for this until a general fix is in place would be switching security.tls.version.max in about:config to 3. however you should revert that after a couple of days, as it might be detrimental to security in the long term.

Read this answer in context 👍 1

All Replies (3)

more options

Chosen Solution

hi, thanks for reporting - it seams to be a problem with the configuration of some cdn nodes that twitter (and some other sites) are using to propagate their content. we're tracking this in https://bugzilla.mozilla.org/show_bug.cgi?id=1488240

a temporary workaround for this until a general fix is in place would be switching security.tls.version.max in about:config to 3. however you should revert that after a couple of days, as it might be detrimental to security in the long term.

more options

Thank you !

Is there a way I can stay informed of the progress of this bug ?

more options

if you create an account on bugzilla you can follow that ticket and get email updates for new comments or a change is status there.