Google link traslate stopped working
when I try to translate a link, google creates an interactive page with iframe and mixed content (http and https)
Firefox console reports this error: "Load denied by X-Frame-Options: http://translate.google.com/translate?.... does not permit cross-origin framing" and the response header contains "X-Frame-Options: SAMEORIGIN"
The url in the address bar is "https://translate.google.it/translate?..." I solve by changing it to "http://translate.google.it/translate?..."
This is a bug?
所有回覆 (2)
Hi doco,
There is an add on for that, its called Quick Translator 1.0. It translates in the page for convenience.
If the http to https fixes the issue, what is the preference in about:config for https sites? It is called network.websocket.allowInsecureFromHTTPS
Looking forward to your reply.
Hi guigs2,
network.websocket.allowInsecureFromHTTPS is set to default value (false), changing it to true does not fix the issue
I read RFC7034 "HTTP Header Field X-Frame-Options", it talks about the concept of the "same origin" and refer to rfc6454 for details: '...Any data beyond the domain address (i.e., any data after the "/" separator) is to be ignored. The algorithm to compare origins from [RFC6454] SHOULD be used to verify that a referring page is of the same origin as the content...'
RFC6454 explains that: '...Roughly speaking, two URIs are part of the same origin (i.e., represent the same principal) if they have the same scheme, host, and port...'
The iframe src is relative (that is https) but its GET is redirected (with http code 302) to an identical url http
Then, I think that Firefox is simply "strict" in the matter of same origin. Http and Https differ in schema (and port) then are not the "same origin".
Thanks for reply