A few of you may have discovered today that thumbnails suddenly stopped loading in Firefox. I did.Checking the browser console, I found errors for each thumbnail in the catalog which said "A resource is blocked by OpaqueResponseBlocking, please check browser console for details."After disabling browser.opaqueResponseBlocking in about:config, those error messages turned into 403's and the images would still not load.I did a desuarchive search for Firefox and found a post in /trash/ saying "I figured it out. 4chan is now asking for referrers when requesting images from 4cdn... TL:DR; 4chan wants to know where you were before loading an image." along with a screenshot of all about:config settings with the word "referer" in them.With the help of that screenshot, I pinpointed the issue to network.http.referer.XOriginPolicy in about:config, which I had set to 2 for whatever reason, I don't know. Setting it to 0 fixed the problem.Most of you on Firefox probably won't experience this since 0 is the default setting.So, for those of you also experiencing this issue, there's the fix, and now the fix is on desuarchive for others to find.Feel free to discuss the technological/privacy ramifications of this change by 4chan, or if the /trash/ poster's analysis is correct.
Thanks for the tip.
Fixed it for me. Thanks OP and merry christmas.
I thought it was pedo proxy acting up. Seems to have resolved on it's own.
>leto
>>1076685372 = only send referrer if current subdomain and domain matches destination1 = only send referrer if current domain matches destination0 = always send referrer
>>107668537Merry Christmas, King
Thank you /g/. Was having this issue myself. You guys are okay.
To anyone that was using Imagus and Simple Modify Headers. Delete the 4chan rule in BAKA. I was having the issue on Brave.
>>107669462S M H as in Simple Modify Headers shaking my head famalams
>>107669462Thanks for the heads up.So it looks like this issue of thumbnails not loading can also occur in Chrome or Chromium-based browsers such as Brave, depending upon extension use.Making this post mainly so there's a post with the words, thumbnails, Chrome, Chromium and Brave in Desuarchive.
>>107668537Don't just let any faggot know where you're coming from, install referrer spoofer addon like this one: https://addons.mozilla.org/en-GB/firefox/addon/referrer-switch/Whoever let referrer header become a standard is a big fat FAGGOT.
>>107668537annoying change. i specifically use `network.http.referer.XOriginPolicy` and `network.http.referer.defaultPolicy` to stop sending the Referer header to every single site and image that i view for obvious privacy reasons. it seems that they've started blocking people specifically from viewing thumbnails on origins other than boards.4chan.org, which fair enough, they don't want people to hotlink to their stuff. however, the protection on the main image route seems to be different and blocks requests only if the Referer header *is set* and is set to anything but boards.4chan.org (and a couple others like google.com and i.4cdn.org). it can be trivially bypassed if you simply add `referrerpolicy=no-referrer` to your img tags and then you can just hotlink away. they seem to set `access-control-allow-origin: http://boards.4chan.org` on the response so that you technically couldn't read the images from javascript within your web app (nobody cares about this), but again, it's not enough to prevent hotlinking because they still respond to requests without a Referer header set. also interestingly, if you try directly opening the image link from another referrer (so using an <a> tag, not embedded within <img>) so that your Referer is set to something like mysite.com you get a cloudflare captcha, but *only* if your <a> tag didn't have the rel="noreferrer" property on it, if it did the image just loads.anyway, if any powers that be are reading this, please kindly revert this change. make the thumbnails work in the same way that normal images work (again), this is very annoying if you're an anon like me who tries to hide his referrer. if i want to use 4chan normally now i will either have to stop using `network.http.referer.XOriginPolicy` and give up some privacy or use some extension with permission to run on every site to block referrer headers on every site with an exception made specifically for 4chan. thank you
>>107668537i don't care, i won't let any website to know every website i am visiting during my web browsing sessions.
>>107668537good thread anoni think they use it to check if people are clicking here from discord or something, at least partially
https://github.com/garywill/autoRefererWhat do you all think about this add-on?>Referer Policy of this Addon>For webs' top frame (i.e. clicking link, navigating, redirecting etc.):>If origin and target url have same domain, allow trimmed referer>If origin and target url have different domain, no referer>For in-page resources (images, videos, js, css etc.), allow trimmed referer (this is the key to not break most webs, also a balance between privacy and experience)>Trim referer: Any referer should be no more than http(s)://domain-name:port/ (like Firefox's native about:config setting network.http.referer.trimmingPolicy = 2).>Not allow referer that not starts with "http" or "https". (Please feedback if you find something broken due to this)>No referer when downgrade from HTTPS/WSS to HTTP/WS>We believe that can protect privacy enough and won't break web.4chan thumbnails are working with this add-on installed and network.http.referer.XOriginPolicy set to 0.>If origin and target url have different domain, no refererSeems like this will prevent what >>107670040 is concerned about. Add-on seems to be actively maintained.
https://github.com/M-Reimer/togglereferrerAnother option which seems to do exactly what >>107670030 wants:>or use some extension with permission to run on every site to block referrer headers on every site with an exception made specifically for 4chanThis one can disable referrer altogether and you can set exceptions like 4chan for this.Also seems to be actively maintained, as it was updated three days ago.
>>107668537Yeah, got it on Waterfox, which automatically sets network.http.referer.XOriginPolicy to 2.I wonder if it's related to the santa hat overlays since that seemed to be exactly when it started acting up.
>>107668684>>107670199Also, oddly, while 4chan thumbnails load with the extension in >>107670199 installed, they do not with network.http.referer.XOriginPolicy set to 1, which should be doing the same thing that the extension is doing.
>4chan wants to know your referernigger.com
>>107670255Ditto - I think it's part of waterfoxes sphincter clenching 'security'.
>>107668537>>107670167
