NB Folder Access - nightly link not working

Started by ddire, May 12, 2014, 02:53:04 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.


Maybe related: today this link also stopped working: http://www.magiclantern.fm/forum/index.php (it redirects to the main home page, via a page named javaredirect.html).

This one works: http://www.magiclantern.fm/forum/


Today, the forum link from the main page (second link from above post) stopped working too. Clicking on the link simply refreshes the home page (via javaredirect.html).

Directly typing www.magiclantern.fm/forum doesn't work either.

To access the forum, I have to start from a link to some existing message, from history.

Walter Schulz

Works fine here.
Do you use NoScript or another add-on able to block java, javascript, cookies?


I use Adblock Edge, but I also tried with it disabled.

Clearing all history appears to have fixed all these errors though.



Working fine today.... like nothing ever happened.
5D Mark III -- 7D   SOLD -- EOS M 22mm 18-55mm STM -- Fuji X-T1 18-55 F2.8-F4 & 35 F1.4
Canon Glass   100L F2.8 IS -- 70-200L F4 -- 135L F2 -- 85 F1.8 -- 17-40L --  40 F2.8 -- 35 F2 IS  Sigma Glass  120-300 F2.8 OS -- 50 F1.4 -- 85 F1.4  Tamron Glass   24-70 2.8 VC   600EX-RT X3


Hi everyone

It may be that Firefox has disabled Java scripts from activating since V27

Cheers Glenn.


Guys, this just came up in the IRC channel.

As far as I can see, this is not an HSTS but a Content-Security Policy error, and modern webbrowsers are just protecting their end users.

The issue is what the Console in Chrome-developer tools will immediately tell you:
XMLHttpRequest cannot load http://builds.magiclantern.fm/jenkins/view/ML%20Platforms/api/json. Received an invalid response. Origin 'https://builds.magiclantern.fm' is therefore not allowed access.

In other words, non-HTTPS resources are attempted to be loaded from an HTTPS-site and the browser is not having any of it (and rightfully so).

Looking over the AngularJS source, this comes mostly down to hardcoded http-protocols being used in the urls.

Firstly, to get it to work, I've locally changed in the Chrome-debugger references to the protocol in the file app.js, change:

so that it doesn't include the protocol (which means it'll use the protocol of the current site), so:

This is enough to get the downloads working, but, really, all the hardcoded protocols from the url-references should be deleted (or changed to HTTPS if it's really never meant to run under HTTP). There are also other errors in the console when clicking download, but at least it works.
Is the source of the app open for download somewhere? I'd happily help where I can with this.

Hope this helps!

Came up in the IRC-channel again.

It seems to work in IE11, but that can only be the case if you use the non-HTTPS link. If you use HTTPS, IE11 works correctly by blocking.
The difference is that if you use the non-HTTPS link in Chrome, it changes the protocol to HTTPS (because, HSTS). The site then automagically gets broken for a large part of your users.

So, I think removing the hardcoded http-references should still work, also when in the future IE will support HSTS.


Solved, thanks @Hask.

Please test both http and https.

Walter Schulz

IE8 and FF26 tested with http and https. Both working now!


Quote from: a1exSolved, thanks @Hask.

You're welcome, glad I could do something back for Magic Lantern :)