The site uses CSP (Content Protection Policy). At the moment, the site is not supported in the mobile text translation application (Yandex, Google). And it used to work, and it was better. Can this be fixed?
(it’s Content-Security-Policy btw). Those translation pages work by embedding the target site in an iframe. That’s not working with CSP, and it will be working less and less because more sites are setting up their CSP to not get alien content injected. CSP was also promoted by Google as the main Chrome/Chromium developer, as well as by Mozilla Firefox. I think those translation apps will have to come up with a better solution.
1 Like
Seconded. The tight frame-ancestors CSP directive is entirely intentional and weakening it is not an option as it would open us to clickjacking (UI redress) attacks. AskBot used to have a weak CSP for historical reasons which never got around to fix properly because it was breaking too many things.