I'm a registered user of amazon.de, and I've enabled cookies for this site. Whenever I enter it, it represents 2 areas headed with "New recommendations for you" and "New for you". Both areas are blank, though - I only see images and text for the fraction of a second when the site is loaded. The funny thing is: This is only the case if ssl-images-amazon.com is allowed in Noscript. If I block ssl-images-amazon.com in Noscript, all is well!
I've also tried disabling ABE and/or Secure Cookie Management but to no avail. Only blocking ssl-images-amazon.com helps. But why?
EDIT: If I allow ssl-images-amazon.com in Noscript I get the following errors in the error console:
No, unfortunately they're not relevant (one is from Firefox and it's about a know SSL vulnerability affecting most web sites, the other are just CSS validity warnings).
Does disabling all the other extensions or disabling NoScript change this behavior?
Okay, I disabled Noscript, restarted FF and all was well - although the site looked somehow different now. So I activated Noscript and restarted FF once more - and the site still looks well (no blank areas) although ssl-images-amazon.com is now allowed in NS. Funny. Either a cache problem or perhaps a racing condition between NS and another extension?
A similar problem today: When I select, e.g., a book on amazon.de there is an area headed "Customers who bought this article also bought ...". This areas is blank when images-amazon.com is allowed in NS. The error console shows this error:
No XSS errors. And no errors at all if images-amazon.com is blocked.
I can live with that behaviour. But I think that it's generally strange that I can only see something on a website when it's blocked in Noscript Shouldn't it be the other way round?
Do you perhaps have DOM storage disabled? The check Amazon does to see if sessionStorage is supported is faulty; it only checks the existence of sessionStorage, now whether using it actually works.
Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6
Do you perhaps have DOM storage disabled? The check Amazon does to see if sessionStorage is supported is faulty; it only checks the existence of sessionStorage, now whether using it actually works.
Yes, I have dom.storage.enabled set to false but I don't see the referred line you mentioned in the error console...
But the question remains why I can only see something on a website if it's blocked by Noscript
tlu wrote:
But the question remains why I can only see something on a website if it's blocked by Noscript
Probably because there's a <NOSCRIPT> fallback if you've got scripts disabled, while the script which would normally fill the document fails for some bug (the dom storage one above?)
tlu wrote:
But the question remains why I can only see something on a website if it's blocked by Noscript
Probably because there's a <NOSCRIPT> fallback if you've got scripts disabled, while the script which would normally fill the document fails for some bug (the dom storage one above?)
Yes, indeed, you are right. I allowed dom.storage.enabled (only temporarily, of course), allowed ssl-images-amazon.com in NS, and it worked as it should.
