sharing a flickr link does not work well

[haheute]

When I share a short link from flickr ( https://flic.kr/p/MrGHfG ) on diaspora ( Code 0.6.1.0-pfc6e9168 ), I see a small preview image and a spinner image which does not finish.
I use chromium on linux with the uMatrix extension, but all relevant sources should be allowed.
It looks as if something failes to load.
The developer tools show this message:

widgets.js?_=1482065508609:9 The Content Security Policy 'default-src 'none'; child-src 'self' www.youtube.com w.soundcloud.com twitter.com platform.twitter.com syndication.twitter.com player.vimeo.com www.mixcloud.com www.dailymotion.com media.ccc.de bandcamp.com www.instagram.com; connect-src 'self' embedr.flickr.com geo.query.yahoo.com nominatim.openstreetmap.org api.github.com; font-src 'self'; form-action 'self' platform.twitter.com syndication.twitter.com www.paypal.com; frame-ancestors 'self'; img-src data: *; media-src https: data:; script-src 'self' 'unsafe-eval' platform.twitter.com cdn.syndication.twimg.com widgets.flickr.com embedr.flickr.com platform.instagram.com 'unsafe-inline' 'nonce-bScZH4uh23P/yyBnr3O3eeSQHTdAz3HA3Zb2sa6Vces='; style-src 'self' 'unsafe-inline' platform.twitter.com *.twimg.com' was delivered in report-only mode, but does not specify a 'report-uri'; the policy will have no effect. Please either add a 'report-uri' directive, or deliver the policy via the 'Content-Security-Policy' header. t @ widgets.js?_=1482065508609:9

I don't know if this is a diaspora issue or something else.

[denschub]

The CSP warning is unrelated.

Also, this works fine for me on a current release with the embedded CSP enabled. Please share further information, for example if you have other "privacy enhancing" extensions installed or what pod you are on. Until then, this is invalid and worksforme, closing as such.

[haheute]

The problem happened again today, after posting a flickr link.
In firefox, chromium and luakit, the spinner graphic does not seem to disappear, but only in the stream: https://despora.de/people/6faa5e00931e0135c911423d69c21395
The single post page seems to work:
https://despora.de/posts/10837661
I tried with Firefox and Luakit without extensions and chromium only with umatrix, which I turned off to test.

[haheute]

Okay, it seems to be just the "ajax-loader .gif" which is partly visible in the stream. ..behind the flickr content.
On the single post page it is also there, just hidden behind the embedded content..

[Flaburgan]

I can reproduce that on the last develop code. Indeed, the ajax-loader background is still visible after the content loaded, making you think something is still loading.