Reports no longer loading on firefox about pygsti HOT 5 CLOSED

I haven't been able to reproduce this issue, and I'm running "Firefox Quantum 60.2.0esr (64-bit)" - could you give me as much version information as you can on your Firefox?

Also, if you're able to open up the web console within Firefox (for me it's Tools -> Web Developer -> Web Console), there's usually some bright red lines explaining why the browser isn't allowing files to be loaded because of security concerns. I might be able to interpret those messages.

An unfortunate issue with the pyGSTi reports is that since they're essentially a whole website dumped into a local directory, browsers don't tend to like to load them without a true web server. Firefox seems the most lenient in this regard, but it's entirely possible that some versions (maybe the newest ones?) have become stricter and don't allow local loading of websites anymore. The web server option should always work, and perhaps the other options for doing that will work better if the python http server has caching issues.

For what it's worth, Safari Version 12.1.2 is also working for me now (with the cross-origin restrictions disabled, as explained in the loading-failed screen), not that this helps you much on Ubuntu.

from pygsti.

Any update? I'd like to take a closer look at this issue.

@obriente could you please provide your Firefox version, Ubuntu version, and if possible, could you attach the report in question?

from pygsti.

Sorry about that, for some reason I missed the first reply.

I'm on Firefox Quantum 69.0.1 , and Ubuntu 18.04.3 LTS. I'm seeing this for any report I open, see attached for one example.
single_qubit_HSI_report_20190401_1e-5_L=8192_N=250.zip

I'm also seeing some errors in the web console, here's a dump:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///home/tom/Downloads/single_qubit_HSI_report_20190401_1e-5_L=8192_N=250/tabs/test.html. (Reason: CORS request not http).

AJAX ERROR: connection error main.html:338:17
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///home/tom/Downloads/single_qubit_HSI_report_20190401_1e-5_L=8192_N=250/tabs/Summary.html. (Reason: CORS request not http).

loadLocal: there was a connection error of some sort! pygsti_dashboard.js:217:10
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at file:///home/tom/Downloads/single_qubit_HSI_report_20190401_1e-5_L=8192_N=250/figures/table_9007_0.html. (Reason: CORS request not http).

Switches initialized: table_9007 handlers set main.html:197:13
loadLocal: there was a connection error of some sort! pygsti_dashboard.js:217:10
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://mirrors.ctan.org/fonts/cm-unicode/fonts/otf/cmunbx.otf. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://mirrors.ctan.org/fonts/cm-unicode/fonts/otf/cmunbx.otf. (Reason: CORS request did not succeed).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://mirrors.ctan.org/fonts/cm-unicode/fonts/otf/cmunrm.otf. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://mirrors.ctan.org/fonts/cm-unicode/fonts/otf/cmunrm.otf. (Reason: CORS request did not succeed).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://mirrors.ctan.org/fonts/cm-unicode/fonts/otf/cmunti.otf. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://mirrors.ctan.org/fonts/cm-unicode/fonts/otf/cmunti.otf. (Reason: CORS request did not succeed).

​

from pygsti.

Ah, I see... Here's the problem: the Report loading failed page is lying 😄

Contrary to what that page may say, modern versions of Firefox treat file URI requests as CORS and will enforce its strict origin policy by default, i.e. preventing any such requests. Here are two workarounds:

1. (preferred) Serve the directory with Python's HTTP server. Note that the fail page instructions for this are also outdated! Users on all platforms should run python -m http.server 8000 from the report directory.

2. Alternatively, you can disable the file URI strict origin policy in Firefox. Navigate to about.config, search for security.fileuri.strict_origin_policy and change its value from true to false.

I'll update the info in the report template. In the mean time, do either of these workarounds help?

from pygsti.

Thanks for the quick response. Both of your suggestions work, but 1. seems to have caching issues (i.e. firefox sometimes caches the webpage from one GST file and then shows this when you try to look at another). So disabling the strict origin policy seems to be the better (although less secure) option.

from pygsti.