This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Use offline 360 virtual tour

  • 5 ردود
  • 1 has this problem
  • 3 views
  • آخر ردّ كتبه Tony Reidsma

more options

Until the most recent update to firefox I used firefox to view 360 virtual tours offline on MAC and WINDOWS.

I updated firefox and now all I get is a black space where the 360 is supposed to be.

This is what the tour is supposed to look like: https://www.bigdutchmanusa.com/tours/broiler-breeder/

The attached is what comes up with the new version of firefox.

I have many clients who use these tours offline with firefox and I need to know how to fix this ASAP please.

Until the most recent update to firefox I used firefox to view 360 virtual tours offline on MAC and WINDOWS. I updated firefox and now all I get is a black space where the 360 is supposed to be. This is what the tour is supposed to look like: https://www.bigdutchmanusa.com/tours/broiler-breeder/ The attached is what comes up with the new version of firefox. I have many clients who use these tours offline with firefox and I need to know how to fix this ASAP please.
Attached screenshots

All Replies (5)

more options

Here's the HTML files in case you want to test it LINK

more options

Hi Tony, I have a theory.

Firefox 68 contains a security patch which restricts the kinds of files that pages can load (and loading methods) when you open them from a file:// URL. This change was made to prevent exfiltration of valuable data within reach of a local page, as demonstrated in an available exploit.

Since you are setting up the object with a script, that may be subjected to higher restrictions than predefined objects.

Confirming the Theory

You can check for messages in Firefox's Web Console, part of the developer tools you can open in the lower part of the tab. Either:

  • "3-bar" menu button > Web Developer > Web Console
  • (menu bar) Tools > Web Developer > Web Console
  • (Windows) Ctrl+Shift+k

Then reload the page in the upper part of the tab and watch for new messages. In particular, anything similar to the following is an important clue:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///<your URL> (Reason: CORS request not http).

Related article: https://developer.mozilla.org/docs/Web/HTTP/CORS/Errors/CORSRequestNotHttp

Workaround

You can roll back the patch as follows:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful or accepting the risk.

(2) In the search box above the list, type or paste uniq and pause while the list is filtered

(3) Double-click the privacy.file_unique_origin preference to switch the value from true to false

To mitigate the vulnerability: If you save pages from untrusted sites in a separate folder, e.g., Downloads\Untrusted, then it would be difficult for an attacker to find any valuable content using local file links.

more options

Thank you very much for your reply.

My main issue is this....

My clients need to be able to play these tours offline, and they aren't going to know how, or want to do any special config's to make them work, so it's my job now to figure out how to make firefox work again... :-(

Attached are the alerts I'm getting.

more options

Unfortunately, those messages don't provide specific enough information. These are the messages I get:

(1) Fonts not loading

Many like this:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///C:/<redacted>/Broiler%20and%20Breeder%20HTML/fonts/Oswald-RegularItalic.ttf

(2) WebGL texture not loading

Error: WebGL warning: texImage2D: Cross-origin elements require CORS.

These CORS (cross-origin) errors are due to the security patch in Firefox 68.


If I make the about:config preference change I mentioned before and reload the page (Ctrl+r), then I get warehouses.

I realize this is inconvenient for your clients to have to change a setting, but obviously you can blame it on Firefox fixing a security issue.


I thought I would compare in Chrome, and I get a popup that says "This virtual tour cannot be played from a local drive. Please upload it to the internet and try again."

I don't know whether that is due to my configuration, or something built-in to the library you're using.

more options

Thanks again.

FireFox has been the only browser that would let me play the tours offline, but I guess I now need to find a different solution.

I appreciate your help.