Hello,
I am using Twitter for Websites to embed tweets on my website. So far I haven’t added syndication twitter com to my csp (it is still reportOnly) and until a few days ago everything was working fine. But now it is running into an endless loop where it tries to report a security-policy-error to syndication twitter com, which causes another security policy error, which it tries to report, causes another error and so on. Within ~4 seconds this causes more than 6000 requests (half to twitter, half to my report-url (Which stopped accepting reports since I blew past my quota a few seconds after the first person loaded my website and consented to using twitter)) and causes the entire site to freeze. While this should be fixable by simply adding syndication to the csp, wouldn’t reporting the problem only once per twitter-domain and ignoring later security-policy-errors be enough?
A7rRay
#2
@125_m_125 thanks for bringing this to our attention. I will be working on a fix ASAP and will update you when this fix is available.
A7rRay
#3
@125_m_125 a recent change causing this issue has been rolled back. Let us know if the issue persists
system
Closed
#4
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
