Recent Login Weirdness on Firefox

Since about the past 3 weeks, on logging in with Mozilla Firefox, I am getting the upper section of the page, (NavMenu) and nothing else. In the centre of the blank UI, there is the ‘something went wrong message, try again’.

I select the Daml logo, reloads the page, sometimes it reloads correctly the first time, often it does not. If I try to select the notifications indicator on my user icon in the top right, it loads the summary page or also goes blank.

Browser: Mozilla Firefox
Ver: 89.0.2 (64-bit) GNU/Linux
O/S: Ubuntu 20.04.2 LTS ← Thanks for the reminder @Zsolt_Holman
Settings: Custom history, keep no Cookies, Cache etc

Let me know if you would like any tests done.

I can’t reproduce on macOS; with Firefox 89.0.2 (and login via Google, in case that matters), everything seems to be working fine for me.

Do you have any extension installed that could cause an issue? Have you tried clearing your cache/cookies? It may be a broken JS script somewhere. Also next time that happens, could you open the dev toolbar and look for any error message in the logs?

If a Linux user is reading this, could you confirm whether you’re seeing any issue?

I experienced the following:

Firefox 89.0.2 (64-bit)
Ubuntu 18.04.5 LTS

That is exactly what I get

Everytime Firefox closes, it clears everything, and I confirm that there are no extensions, add-ons etc installed. Looks like a Firefox on Ubuntu thing perhaps?

Any chance either of you could open up the console and see if there’s any clue in there? You should be able to open it with CTRL + SHIFT + i, or F12.

The error stack is quite huge, some snippets though:

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
This page uses the non standard property “zoom”. Consider using calc() in the relevant property values, or using “transform” along with “transform-origin: 0 0”. discuss.daml.com
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 3

Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). Source: (function(h){function y(a){var b=["source","medium","campaign","term","content"];b=new RegExp("(utm_("+b.join("|")+")|(d|g)clid)\x3d.*?([^\x26#]*|$)","gi");a=a.match(b);var c;if(a){var e={};var p=a.length;for(c=0;c<p;c++)(b=a[c].split("\x3d"))&&(e[b[0]]=b[1])}return e}function z(a){if(a){var b={"daum.net":{p:"q",n:"daum"},"eniro.se":{p:"search_word",n:"eniro "},"naver.com":{p:"query",n:"naver "},"yahoo.com":{p:"p",n:"yahoo"},"msn.com":{p:"q",n:"msn"},"bing.com":{p:"q",n:"live"},"aol.com":{p:"q",n:"aol"},
"lycos.com":{p:"q",n:"lycos"},"ask.com":{p:"q",n:"ask"},"altavista.com":{p:"q",n:"altavista"},"search.netscape.com":{p:"query",n:"netscape"},"cnn.com":{p:"query",n:"cnn"},"about.com":{p:"terms",n:"about"},"mamma.com":{p:"query",n:"mama"},"alltheweb.com":{p:"q",n:"alltheweb"},"voila.fr":{p:"rdata",n:"voila"},"search.virgilio.it":{p:"qs",n:"virgilio"},"baidu.com":{p:"wd",n:"baidu"},"alice.com":{p:"qs",n:"alice"},"yandex.com":{p:"text",n:"yandex"},"najdi.org.mk":{p:"q",n:"najdi"},"seznam.cz":{p:"q",
n:"seznam"},"search.com":{p:"q",n:"search"},"wp.pl":{p:"szukaj ",n:"wirtulana polska"},"online.onetcenter.org":{p:"qt",n:"o*net"},"szukacz.pl":{p:"q",n:"szukacz"},"yam.com":{p:"k",n:"yam"},"pchome.com":{p:"q",n:"pchome"},"kvasir.no":{p:"q",n:"kvasir"},"sesam.no":{p:"q",n:"sesam"},"ozu.es":{p:"q",n:"ozu "},"terra.com":{p:"query",n:"terra"},"mynet.com":{p:"q",n:"mynet"},"ekolay.net":{p:"q",n:"ekolay"},"rambler.ru":{p:"words",n:"rambler"},google:{p:"q",n:"google"}},c=h.createElement("a"),e={};c.href=
a;-1<c.hostname.indexOf("google")&&(n="google");b[n]?(a=b[n],b=new RegExp(a.p+"\x3d.*?([^\x26#]*|$)","gi"),c=c.search.match(b),e.source=a.n,e.medium="organic",e.term=(c?c[0].split("\x3d")[1]:"")||"(not provided)"):n!==q&&(e.source=c.hostname,e.medium="referral");return e}}function w(a,b,c,e,p){a=a+"\x3d"+b+";";c&&(a+="Expires\x3d"+c.toGMTString()+";");e&&(a+="Path\x3d"+e+";");p&&(a+="Domain\x3d"+p+";");h.cookie=a}function r(a){var b="; "+h.cookie;a=b.split("; "+a+"\x3d");if(1<a.length)return a.pop().split(";")[0]}
function x(a){if(a){var b=h.createElement("a");b.href=a;try{return b.hostname.match(/[^.]*\.[^.]{2,3}(?:\.[^.]{2,3})?$/)[0]}catch(c){}}}var t=h.referrer,f={utmcsr:"(direct)",utmcmd:"(none)",utmccn:"(not set)"},u=h.location.hostname,q=x(u),n=x(h.referrer),m=r("__utmzzses");u=new Date(+new Date+15552E6);var d=h.location.search.replace("?",""),l=h.location.hash.replace("#","");d=y(d+"#"+l);var g=z(t);l=r("__utmz")||r("__utmzz");t=[];var v={utm_source:"utmcsr",utm_medium:"utmcmd",utm_campaign:"utmccn",
utm_content:"utmcct",utm_term:"utmctr",gclid:"utmgclid",dclid:"utmdclid"},k;m&&n===q&&(g=d=null);if(d&&(d.utm_source||d.gclid||d.dclid)){for(k in d)"undefined"!==typeof d[k]&&(m=v[k],f[m]=d[k]);if(d.gclid||d.dclid)f.utmcsr="google",f.utmcmd=f.utmgclid?"cpc":"cpm"}else if(g)f.utmcsr=g.source,f.utmcmd=g.medium,g.term&&(f.utmctr=g.term);else if(l)for(f={},l=l.split("|"),v=l.length,g=0;g<v;g++)m=l[g].split("\x3d"),d=m[0].split(".").pop(),f[d]=m[1];for(k in f)"undefined"!==typeof f[k]&&t.push(k+"\x3d"+
f[k]);r("__utmzz")||w("__utmzz",t.join("|"),u,"/",q);w("__utmzzses",1,null,"/",q)})(document);. gtm.js:1515:413

Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). Source: document.addEventListener("copy",function(a){console.log("Click event: ",a);console.log("window.getSelection().toString()",window.getSelection().toString());""===window.getSelection().toString()?(console.log(a.target.value||a.target.textContent),a=a.target.value||a.target.textContent):a=window.getSelection().toString();""!==a&&dataLayer.push({event:"textCopied",clipboardText:a,clipboardLength:a.length})});. gtm.js:1515:413
Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). Source: try{(function(){var a=google_tag_manager["GTM-MSWJMNX"].macro(28);a="undefined"==typeof a?google_tag_manager["GTM-MSWJMNX"].macro(29):a;var b=new Date;b.setTime(b.getTime()+18E5);var c="gtm-session-start";b=b.toGMTString();var d="/",e=".daml.com";document.cookie=c+"\x3d"+a+"; Expires\x3d"+b+"; domain\x3d"+e+"; Path\x3d"+d})()}catch(a){};. gtm.js:1515:413
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
POSThttps://discuss.daml.com/csp_reports
[HTTP/2 429 Too Many Requests 636ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 3
POSThttps://discuss.daml.com/csp_reports
[HTTP/2 429 Too Many Requests 495ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 7

Source map error: Error: request failed with status 404
Resource URL: https://yyz2.discourse-cdn.com/flex028/stylesheets/desktop_theme_3_794c0eeb505c928a9b24846ec051657ce15ae957.css?__ws=discuss.daml.com
Source Map URL: desktop_theme_3_794c0eeb505c928a9b24846ec051657ce15ae957.css.map
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

Some cookies are misusing the recommended “SameSite“ attribute 18
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var b="none",a=window.dataLayer;"Polls"==a[a.length-1][1]&&a[a.length-1][2].event_label.includes("programming language")&&(b="programming language");return b})();. gtm.js:3:55

Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){try{var a=google_tag_manager["GTM-MSWJMNX"].macro(35);if("undefined"!==typeof a&&0<a){var b=new Date;var c=Math.round((b.getTime()-a)/1E3)}}catch(d){}return c})();. gtm.js:3:55
POSThttps://discuss.daml.com/csp_reports
[HTTP/2 429 Too Many Requests 214ms]

POSThttps://discuss.daml.com/csp_reports
[HTTP/2 429 Too Many Requests 213ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
XHRGEThttps://discuss.daml.com/categories.json
[HTTP/1.1 429 Too Many Requests 0ms]

Object { readyState: 4, getResponseHeader: getResponseHeader(e), getAllResponseHeaders: getAllResponseHeaders(), setRequestHeader: setRequestHeader(e, t), overrideMimeType: overrideMimeType(e), statusCode: statusCode(e), abort: abort(e), state: state(), always: always(), catch: catch(e), … }
_application-bc72b0779a8a19a02a6de1f449662533794742e2d31a3dac51176d69056517d5.js:71338:12
Error while processing route: discovery.categories _vendor-38c694ebc50be11315a1a170b219fe2533f73eab4351d848597a4f5a3d68945b.js:36991:31
Uncaught Error: Too Many Requests
    t _vendor-38c694ebc50be11315a1a170b219fe2533f73eab4351d848597a4f5a3d68945b.js:38573
    t _vendor-38c694ebc50be11315a1a170b219fe2533f73eab4351d848597a4f5a3d68945b.js:38554

Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var b="none",a=window.dataLayer;"Polls"==a[a.length-1][1]&&a[a.length-1][2].event_label.includes("programming language")&&(b="programming language");return b})();. gtm.js:3:55

XHRPOSThttps://discuss.daml.com/logs/report_js_error
[HTTP/2 429 Too Many Requests 315ms]

POSThttps://discuss.daml.com/csp_reports
[HTTP/2 429 Too Many Requests 303ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). Source: LO.min_chat();. clickstream.js:14:37289

Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var b="none",a=window.dataLayer;"Polls"==a[a.length-1][1]&&a[a.length-1][2].event_label.includes("programming language")&&(b="programming language");return b})();. gtm.js:3:55

Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var c=2;return function(b){window.dataLayer=window.dataLayer||[];var a=b.get("clientId");window.dataLayer.push({gaClientID:a});console.log("Client ID: ",a);({gaClientID:a});b.set("dimension"+c,a)}})();. gtm.js:3:55
Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var a=new Date,d=-a.getTimezoneOffset(),e=0<=d?"+":"-",b=function(c){c=Math.abs(Math.floor(c));return(10>c?"0":"")+c};return a.getFullYear()+"-"+b(a.getMonth()+1)+"-"+b(a.getDate())+"T"+b(a.getHours())+":"+b(a.getMinutes())+":"+b(a.getSeconds())+"."+b(a.getMilliseconds())+e+b(d/60)+":"+b(d%60)})();. gtm.js:3:55
Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var a=(new Date).getTime();"undefined"!==typeof performance&&"function"===typeof performance.now&&(a+=performance.now());return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(c){var b=(a+16*Math.random())%16|0;a=Math.floor(a/16);return("x"===c?b:b&3|8).toString(16)})})();. gtm.js:3:55

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 2
POSThttps://discuss.daml.com/csp_reports
[HTTP/2 429 Too Many Requests 208ms]

XHRPOSThttps://discuss.daml.com/message-bus/7aba0f238fc84f13bb5eb7b010341ad3/poll
[HTTP/2 429 Too Many Requests 606ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var b="none",a=window.dataLayer;"Polls"==a[a.length-1][1]&&a[a.length-1][2].event_label.includes("programming language")&&(b="programming language");return b})();. gtm.js:3:55

POSThttps://discuss.daml.com/csp_reports
[HTTP/2 429 Too Many Requests 567ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

Attempting to create a Worker from an empty source. This is probably unintentional. blank
Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var b="none",a=window.dataLayer;"Polls"==a[a.length-1][1]&&a[a.length-1][2].event_label.includes("programming language")&&(b="programming language");return b})();. gtm.js:3:55

Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){try{var a=google_tag_manager["GTM-MSWJMNX"].macro(67);if("undefined"!==typeof a&&0<a){var b=new Date;var c=Math.round((b.getTime()-a)/1E3)}}catch(d){}return c})();. gtm.js:3:55
POSThttps://discuss.daml.com/csp_reports
[HTTP/2 429 Too Many Requests 239ms]

Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var b="none",a=window.dataLayer;"Polls"==a[a.length-1][1]&&a[a.length-1][2].event_label.includes("programming language")&&(b="programming language");return b})();. gtm.js:3:55

Thanks!

Thanks for reporting everyone, will raise with support.

Sorry for late reply, I get similar error messages, 99+:

Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){var b="none",a=window.dataLayer;"Polls"==a[a.length-1][1]&&a[a.length-1][2].event_label.includes("programming language")&&(b="programming language");return b})();. gtm.js:3:55
Content Security Policy: The page’s settings blocked the loading of a resource at eval (“script-src”). Source: (function(){try{var a=google_tag_manager["GTM-MSWJMNX"].macro(96);if("undefined"!==typeof a&&0<a){var b=new Date;var c=Math.round((b.getTime()-a)/1E3)}}catch(d){}return c})();.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://settings.luckyorange.net/?u=https%3A%2F%2Fdiscuss.daml.com%2F&s=183271. (Reason: CORS request did not succeed).

Thanks @quidagis for reporting and both you and @Zsolt_Holman for providing additional details. While we haven’t solved all of the errors the issue causing the loading problem should be resolved.

Can you confirm for me (or alternatively let me know) if you encounter any other issues loading forum pages?

I just tried 10 random pages internally to the Forum and all of the links in the NavMenu: nil issues

Awesome!