-
Notifications
You must be signed in to change notification settings - Fork 513
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
XOriginPolicy breaks icloud.com #850
Comments
Indeed. The problem is cross origin is often used in a sort of authorizing / super-cookie flow logic: e.g using google to sign into youtube, or using facebook to sign into various services. It's why FPI breaks some stuff. Thanks for the info. As the section 1600 header says "If you want any REAL control over referers and breakage, then use an extension" and 1603 pref already has a troubleshooting tag. |
I have this in SR: Otherwise here are my manuals: https://github.com/crssi/Firefox/blob/master/Smart_Referer-Whitelist.txt |
Yes, documentation regarding potential breaks is present in the
This works as well of course, however, i favour whitelisting as less (sub)domains as necessary for a page to work.
Thanks for pointing that out. Unfortunately I can't remember which issue exactly I had during debugging (maybe something related to creating a new Apple-ID), but
Thx for sharing. |
That is true when the source and target domains are not the same company. 😉 |
Hi,
the setting
network.http.referer.XOriginPolicy != 0
breaks https://www.icloud.com. A workaround is to usenetwork.http.referer.XOriginPolicy = 0
and install the Smart Referer Addon for removing referers. Make sure to select the Addon'sstrict
mode, disable the whitelist, disable the rewrite mode and use following manual exceptions (source -> destination
):www.icloud.com -> idmsa.apple.com
www.icloud.com -> appleid.apple.com
EDIT: doesn't seem to be necessarywww.icloud.com -> appleid.cdn-apple.com
BR
The text was updated successfully, but these errors were encountered: