搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

http://www.walmart.com/store/finder doesn't work properly in latest firefox (non privacy) but ok with microsoft edge

more options

I using Firefox 46.0.1 in regular (non private) mode. I went to http://www.walmart.com/store/finder and got the site headers, etc. but no content, no map. Microsoft Edge doesn't have any problem showing the full page. I've noticed this on a few sites lately.

I using Firefox 46.0.1 in regular (non private) mode. I went to http://www.walmart.com/store/finder and got the site headers, etc. but no content, no map. Microsoft Edge doesn't have any problem showing the full page. I've noticed this on a few sites lately.

被采纳的解决方案

Hmm, yes, big empty white space. We both run the NoScript extension, and I noticed this message in the Browser Console when loading the page:

[NoScript] Blocking cross-site Javascript served from http://ll-us-i5.wal.co/dfw/63fd9f59-bd92/k2-_e3db6f3f-bb49-4b26-ad59-3ab8987390ea.v27.js-7a19b435de26ab8b51e5309d2761bcbc83e41a6b with wrong type info application/jav and included by http://www.walmart.com/store/finder

Wrong type info because the server sends "application/jav" instead of "application/javascript". It usually is safest to block mystery content, but assuming you trust this server:

Users who needed to log in to Walmart discovered this a while ago and a workaround was posted on the NoScript forum here: https://forums.informaction.com/viewtopic.php?p=81213#p81213

In summary:

(0) Select and copy the following (it's a pattern that matches the URL of the script files you want to run):

.wal.co/*.js*

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste noscript.i and pause while the list is filtered

(3) Double-click the noscript.inclusionTypeChecking.exceptions preference and edit it as follows:

(A) Press the Home key on the keyboard to position the cursor at the very beginning of the preference value (or click there using the mouse)

(B) Paste the pattern and then type a space to separate it from the default exceptions

(C) Click OK to save it

Then reload the store finder page and it should show the map and location search box.

定位到答案原位置 👍 1

所有回复 (8)

more options

选择的解决方案

Hmm, yes, big empty white space. We both run the NoScript extension, and I noticed this message in the Browser Console when loading the page:

[NoScript] Blocking cross-site Javascript served from http://ll-us-i5.wal.co/dfw/63fd9f59-bd92/k2-_e3db6f3f-bb49-4b26-ad59-3ab8987390ea.v27.js-7a19b435de26ab8b51e5309d2761bcbc83e41a6b with wrong type info application/jav and included by http://www.walmart.com/store/finder

Wrong type info because the server sends "application/jav" instead of "application/javascript". It usually is safest to block mystery content, but assuming you trust this server:

Users who needed to log in to Walmart discovered this a while ago and a workaround was posted on the NoScript forum here: https://forums.informaction.com/viewtopic.php?p=81213#p81213

In summary:

(0) Select and copy the following (it's a pattern that matches the URL of the script files you want to run):

.wal.co/*.js*

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste noscript.i and pause while the list is filtered

(3) Double-click the noscript.inclusionTypeChecking.exceptions preference and edit it as follows:

(A) Press the Home key on the keyboard to position the cursor at the very beginning of the preference value (or click there using the mouse)

(B) Paste the pattern and then type a space to separate it from the default exceptions

(C) Click OK to save it

Then reload the store finder page and it should show the map and location search box.

由jscher2000 - Support Volunteer于修改

more options

For other sites, you'll need to mention the URL when you run across it again.

more options

http://store.hp.com/us/en/ContentView?eSpotName=PrinterFinder&storeId=10151&catalogId=10051&langId=-1 does the same thing.

As far as I can see, neither Firefox nor LastPass have "Browser Console". How do I find it?

more options

I find it difficult to believe that all these sites just changed that part of their content. So I suspect the LastPass has started to enforce additional restrictions. If the site is whitelisted, I wonder why it is quibbling about "application/jav" instead of "application/javascript"

more options

I posted to LastPass support asking for a generic fix.

more options

Not LastPass, NoScript.

You can open Firefox's Browser Console using either:

  • Ctrl+Shift+j
  • menu button > Developer > Browser Console

NoScript is protecting against an attack where a tag in a page pulls a non-matching content type from a different server as a way to bypass the normal security checks for that other content type. It doesn't matter whether the two sites are trusted, because it is intended to protect against cross-site attacks.

The HP page doesn't give that specific error, so it probably is something else (I'll look into it a bit more).

more options

On the http://store.hp.com it is a problem with third-party cookies. I see the content if I create an "allow for session" cookie exception.

Every now and then I see threads where specific content gets blocked because of such a cookie issue. If content is loaded in an iframe then you can check if it works if you temporarily allow all third-party cookies and if that helps check the domain of the URL in the iframe and create an exception and check again if that works. I personally don't like to enable third-party cookies by default because you end up with a lot of unnecessary cookies.

more options

On HP, I had to allow a lot of domains in NoScript that I haven't allowed before in order to get the frame content to load. I have attached a screenshot. My testing was inconsistent, and I often reloaded using Ctrl+Shift+r (reload bypassing the cache) to force a full reload of the framed page. I'm not sure why it's so finicky.