Palemoon web browser, viewing Collections

[skittered]

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://floor.pbxai.com/?pubxId=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx&page=https://next.nexusmods.com/fallout3/collections&maxBid=null&bidDep=null&aucId=null
(Reason: CORS header ‘Access-Control-Allow-Origin’ missing).


Pale Moon v31.4.0 (2022-11-22)
CORS support has been updated to the current spec. **
Most importantly, Pale Moon now accepts wildcard entries ("*") for the CORS statements Access-Control-Expose-Headers,
Access-Control-Allow-Headers and Access-Control-Allow-Method. Note that wildcards are ignored (according to the spec) when credentials are passed.


In 31.4.0, CORS has become stricter to adhere more closely to the CORS standard. **


--- If they are using CORS mode and want to pass credentials, the server has to send an access-control-allow-credentials header.


.. Is there any easy solution to access this page until they will solve it?


--- I'm afraid not. There's no mechanism to easily bypass CORS/SOP deliberately

 

 

 

 

 

 

** wondering who to blame for this

Edited January 5, 2023 by skittered

[Pickysaurus]

Palemoon is not a supported browser I'm afraid. If you try accessing the site in a modern browser you shouldn't get this problem. That looks like it's more an issue with the adverts on the page than the page itself anyway.

[skittered]

Regardless of whether it's related to the ads on the page or the actual page content itself, everything I've read suggests that a CORS error is a security issue and that I should not be trying to circumvent it.

[showler]

Then don't.

 

Use a real browser instead.

[skittered]

wonder what would have happened if i had specified i was using chrome and came across this issue while perusing the console log .. and was concerned because it's a security issue that chrome is apparently not concerned with.

Edited January 5, 2023 by skittered

[Guest deleted34304850]

wonder what would have happened if i had specified i was using chrome and came across this issue while perusing the console log .. and was concerned because it's a security issue that chrome is apparently not concerned with.

nothing, as that would be a lie.

[skittered]

so the modern take is .. the modern browser does not need to follow the spec .. as long as it works .. regardless of whether or not it leaves a security hole

[Guest deleted34304850]

no, the take is you're using a browser that isn't supported, and, as much as you won't believe this, isn't as secure as you think it is.

palemoon is hot garbage.

get a more popular, better supported browser and protect yourself.

or don't.

[skittered]

.. what? .. following the specs isn't supported?

[Pickysaurus]

CORS isn't something you (as the user) need to worry about. If Palemoon is bringing it to your attention directly then that's not a good user experience. However, if you're just poking about in the console please keep in mind that it's a developer console that shows messages relevant to developers. The average user doesn't need to use those tools.