Getting "The operation is insecure"

[singpolyma]

In my console when clicking the follow links I added at https://singpolyma.net/

[singpolyma]

Also getting:

Error: [$injector:cdep] Circular dependency found:

[singpolyma]

It seems likely this is some sort of firefox version compatibility issue.

[singpolyma]

I also see "There was an error, so we could not load the services from the localStorage. " -- and the reason given is the security reason from above. Since it works on subtome.com but not on other domains I try (my site or http://voxpelli.com/) I am suspecting a same-origin interaction with localStorage?

[voxpelli]

I can't reproduce this in my Firefox, so seems like a pretty nasty problem.

[singpolyma]

If I just add an iframe to the DOM of any site with https://www.subtome.com/?subs/#/subscribe?resource=https:%2F%2Fsingpolyma.net%2Ffeed%2F as the src, I reproduce on my browser

[singpolyma]

I have to set "Accept third party cookies" to "always" and then the issue goes away.

[singpolyma]

So, it would be nice if this error didn't cause the whole UI to just not render at all, makes the site look broken

[singpolyma]

Relevant ticket that introduced this behaviour to firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=536509

[singpolyma]

This is very related to, and may be the same as, #75

[singpolyma]

My preferred fallback (if nothing useful can be rendered, though probably we can, just can't show the user's preferences so it's always like they're new, which would be fine) would be to window.location = resource

[julien51]

Wow. This seems nasty. I think that indeed this is in the way FF handles cookies and localstorage.
Please, feel free to submit a PR that shows the issue in the UI rather than just in the console... at least this will help us guide people!