Unable to purchase Voodoopad from website using Safari browser
Clyde Graham
Machine: MacBook Pro 16", 2019
MacOS: 14.2.1
Safari: 17.2.1
When I click the Buy Now button, the screen to purchase never loads. I am seeing this with Safari & Firefox. Clearing my cache and cookies does not make a difference. Chrome works
Safari Web inspector gives error: Refused to load https://primatelabs.onfastspring.com/popup-voodoopad/session/nC94e5csT3OwNl2jml9Y3Q because it does not appear in the frame-ancestors directive of the Content Security Policy.
Firefox web inspector gives this information:
GET
https://primatelabs.onfastspring.com/popup-voodoopad/session/rNZc21A6QdGFDW9gPMgKyg
GET
https://primatelabs.onfastspring.com/popup-voodoopad/session/rNZc21A6QdGFDW9gPMgKyg
Status
200
VersionHTTP/2
Transferred2.11 kB (0 B size)
Referrer Policystrict-origin-when-cross-origin
DNS ResolutionSystem
cache-control
no-transform
content-encoding
gzip
content-security-policy
default-src 'none'; connect-src 'self' logger.fastspring.com apis.fastspring.com *.pendo.io *.aptrinsic.com https://pendo-static-5711234847211520.storage.googleapis.com *.sift.com https://hexagon-analytics.com *.fastspring.com; script-src https://ajax.googleapis.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://d1f8f9xcsvx3ha.cloudfront.net https://pendo-static-5711234847211520.storage.googleapis.com *.pendo.io *.sift.com https://hexagon-analytics.com *.fastspring.com https://d37uz57…ps://d1f8f9xcsvx3ha.cloudfront.net https://d37uz57cydkqly.cloudfront.net; style-src https://cdnjs.cloudflare.com https://d1f8f9xcsvx3ha.cloudfront.net *.pendo.io 'unsafe-inline' *.sift.com https://hexagon-analytics.com *.fastspring.com https://d37uz57cydkqly.cloudfront.net; frame-src *; sandbox allow-downloads allow-scripts allow-forms allow-same-origin allow-top-navigation allow-popups allow-popups-to-escape-sandbox; child-src *; frame-ancestors https://www.primatelabs.com https://www.voodoopad.com 'self';
content-type
text/html
date
Fri, 26 Jan 2024 18:40:11 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
last-modified
Fri, 26 Jan 2024 18:40:11 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=631138519
vary
Accept-Encoding
vary
Accept-Encoding
X-Firefox-Spdy
h2
x-fs-trace
FSG5LV5XKLBJEWZIOG4TPWAVJPWA;Root=1-65b3fc8b-43ec05347a6f3c1171899201
x-robots-tag
noindex, nofollow, noarchive
x-robots-tag
noindex, nofollow, noarchive
x-xss-protection
1; mode=block
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US,en;q=0.5
Connection
keep-alive
DNT
1
Host
primatelabs.onfastspring.com
Referer
http://www.voodoopad.com/
Sec-Fetch-Dest
iframe
Sec-Fetch-Mode
navigate
Sec-Fetch-Site
cross-site
Sec-GPC
1
TE
trailers
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:121.0) Gecko/20100101 Firefox/121.0
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
1 Posted by Clyde Graham on Jan 26, 2024 @ 07:04 PM
I'd guess that this is a browser security issue, based on the errors. I don't know if Safari & Firefox tightened default security settings.