Re: An important site that doesn't work with SeaMonkey

[NFN Smith]

David H. Durgee wrote:


Actually not spoofing other than Chase, I simply have the preference set 
to identify as Firefox under HTTP Networking.  Perhaps that preference 
should be ignored in the news/mail component of SeaMonkey.


I agree -- that's probably something that should have been addressed 
years ago, although I'm not optimistic that it's something that might 
get much attention from a Bugzilla filing for a feature change.


That's precisely the reason why I don't do permanent spoofing, because I 
don't want to mess up my mail client.


Besides doing stuff on the fly with PrefBar, I do make a little use of 
spoofing through site-specific settings with general.useragent.override 
entries. I do this for sites that I visit often enough that I don't want 
to bother with remembering to have to turn off spoofing when I'm done 
using them (and not always desirable when I have lots of tabs open). 
Plus, I do google.com to show a stock Firefox, as a way of fixing a 
small, but annoying display issue with their search bar.


Smith

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[mozilla-lists . mbourne]

meagain wrote:

This site will tell you about your browser:
https://www.whatismybrowser.com/

It tells me >  Firefox 60 on Windows 10

✗ Your web browser is out of date
Out of date web browsers can have security problems and may cause 
websites to not work properly.

You have version 60, why not upgrade to 86?


That's because you have SeaMonkey set to only include Firefox in the 
user-agent string, and since current SeaMonkey is most closely 
compatible with Firefox 60 it indicates that version (otherwise sites 
checking the version would assume newer features are supported and try 
using them).  If you set Edit > Preferences > Advanced > HTTP Networking 
> User Agent String to either "Identify as SeaMonkey" or "Identify as 
SeaMonkey and advertise Firefox compatibility", that site will correctly 
identify your browser as SeaMonkey, and show the correct version of 
SeaMonkey.


--
Mark.

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[EE]

meagain wrote:

This site will tell you about your browser:
https://www.whatismybrowser.com/


Interesting page.  I tried it with a few fake user-agents from User 
Agent Switcher and it identifies Firefox (from SeaMonkey's core) every 
time but gets the platform from the fake.


___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[David H. Durgee]

NFN Smith wrote:

David H. Durgee wrote:


It tells me >  Firefox 60 on Windows 10

✗ Your web browser is out of date
Out of date web browsers can have security problems and may cause 
websites to not work properly.

You have version 60, why not upgrade to 86?



Well, Firefox 60 is out of date. The current version is 86 and the 
ESR version is 78.something.something.




The only site I have to switch user agents for at present is Chase, 
and they accept Firefox 68 there.  In general I believe it best to 
stay as close to reality as possible, as a site might attempt to use 
features 
only implemented in later releases if it thinks they are available.



Chase is long known to be especially unfriendly to Seamonkey, but where 
spoofing is generally enough to get around problems.  Although rejection 
errors are often phrased as "outdated" and imply that older versions of 
Firefox may not have sufficient capacity, most of the time, the only 
thing compelling about newer versions of Firefox is fixes of security 
holes.  However, with Firefox, virtually every x.0.0 release has 
security fixes, often holes introduced within the last one or two 
release cycles.  Thus, I don't believe that any site will reject a 
connection that shows Firefox 78 (implied, 78 ESR), even if there are 
security fixes for each version since 78, all the way up to the current 
86.0.  Thus, I believe concerns about security holes to be mostly 
overblown.


I've noted before that the most frequent places I see objections to 
Seamonkey (and older Firefox UA strings) tends to be at financial 
institutions, and where their objections to Seamonkey mostly come from 
their unwillingness to invest any effort other than stock Firefox (and I 
suspect that there's a growing number that would ignore Firefox entirely 
and standardize on Chrome, if they could get away with it).  Chase is 
merely one of the most aggressive out there.


I know that one of the things that drives UA sniffing is server 
scripting.  With NoScript active, I've found that I less frequently get 
barks about aged or unsupported browsers (as well as things like EU 
cookie warnings).  However, for sites that require logins, it's frequent 
that User Agent sniffing is done by scripting from the same servers that 
are used to process login credentials. Therefore, if you block the 
particular scripting host, you won't get UA complaints, but you can't 
log in, either.


Not all UA handling relies on scripting.  On my own server, I do 
filtering of UA settings through the server's .htaccess file, as a way 
of defending against bot activity.  Besides stuff that's obvious 
(never-valid versions, and UA strings with syntax errors) I generally 
use .htaccess rules to reject really old versions (e.g. IE versions 
before 11, Chrome versions before 70, etc.) because a connection showing 
those UAs is far more likely to be a bot than a live user.  But if 
connection is rejected that way, the user merely gets a 403 error 
("Access Denied". The only way it's possible to display a plea/demand 
for an acceptable browser is via scripting.


To my knowledge, other Mozilla-derived browsers that use the same syntax 
of UA strings (particularly PaleMoon and Waterfox) tend to have the same 
issues that we Seamonkey users do, although I haven't examined 
extensively.  And for some reason, sites tend not to complain about 
non-Google Chromium browsers, such as Opera, Iron or Brave.


All that said, if you're resorting to spoofing, there's nothing that 
*requires* using a valid UA string.  If a site is simply looking for a 
particular version, it's common that they're not looking for anything 
else.  I haven't tried it, and handling likely varies from site to site, 
but a lot of the time, I don't see a reason why you can't spoof, showing 
something like:


    Mozilla/5.0 (X11; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0 
SeaMonkey/2.53.7


This one happens to be a Linux string and the most current version of 
Firefox, but I think that most sites don't really care what platform 
you're showing.  Most of the time, they're merely looking for a minimum 
version of Firefox that follows the slash.  Some may pay attention to 
"Seamonkey" following "Firefox", but few do.  And in my experience, what 
you show following rv: is irrelevant. Notice that I've also rendered 
Seamonkey as 2.53.7 (which is still beta), but I don't think that really 
matters, either.


If you want to do it with Windows (and with Firefox ESR) you can use:

    Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 
Firefox/78.0 SeaMonkey/2.53.7


One additional consideration of spoofing is that if you resort to this 
kind of thing, it very clearly identifies you, and pretty much uniquely. 
  If you're sensitive to that kind of tracking, your best bet would be 
to stay under the radar, and show just string from Firefox 78 ESR:


    Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 
Firefox/78.0


With 

Re: An important site that doesn't work with SeaMonkey

[NFN Smith]

David H. Durgee wrote:


It tells me >  Firefox 60 on Windows 10

✗ Your web browser is out of date
Out of date web browsers can have security problems and may cause 
websites to not work properly.

You have version 60, why not upgrade to 86?



Well, Firefox 60 is out of date. The current version is 86 and the ESR 
version is 78.something.something.




The only site I have to switch user agents for at present is Chase, and 
they accept Firefox 68 there.  In general I believe it best to stay as 
close to reality as possible, as a site might attempt to use features 
only implemented in later releases if it thinks they are available.



Chase is long known to be especially unfriendly to Seamonkey, but where 
spoofing is generally enough to get around problems.  Although rejection 
errors are often phrased as "outdated" and imply that older versions of 
Firefox may not have sufficient capacity, most of the time, the only 
thing compelling about newer versions of Firefox is fixes of security 
holes.  However, with Firefox, virtually every x.0.0 release has 
security fixes, often holes introduced within the last one or two 
release cycles.  Thus, I don't believe that any site will reject a 
connection that shows Firefox 78 (implied, 78 ESR), even if there are 
security fixes for each version since 78, all the way up to the current 
86.0.  Thus, I believe concerns about security holes to be mostly overblown.


I've noted before that the most frequent places I see objections to 
Seamonkey (and older Firefox UA strings) tends to be at financial 
institutions, and where their objections to Seamonkey mostly come from 
their unwillingness to invest any effort other than stock Firefox (and I 
suspect that there's a growing number that would ignore Firefox entirely 
and standardize on Chrome, if they could get away with it).  Chase is 
merely one of the most aggressive out there.


I know that one of the things that drives UA sniffing is server 
scripting.  With NoScript active, I've found that I less frequently get 
barks about aged or unsupported browsers (as well as things like EU 
cookie warnings).  However, for sites that require logins, it's frequent 
that User Agent sniffing is done by scripting from the same servers that 
are used to process login credentials. Therefore, if you block the 
particular scripting host, you won't get UA complaints, but you can't 
log in, either.


Not all UA handling relies on scripting.  On my own server, I do 
filtering of UA settings through the server's .htaccess file, as a way 
of defending against bot activity.  Besides stuff that's obvious 
(never-valid versions, and UA strings with syntax errors) I generally 
use .htaccess rules to reject really old versions (e.g. IE versions 
before 11, Chrome versions before 70, etc.) because a connection showing 
those UAs is far more likely to be a bot than a live user.  But if 
connection is rejected that way, the user merely gets a 403 error 
("Access Denied". The only way it's possible to display a plea/demand 
for an acceptable browser is via scripting.


To my knowledge, other Mozilla-derived browsers that use the same syntax 
of UA strings (particularly PaleMoon and Waterfox) tend to have the same 
issues that we Seamonkey users do, although I haven't examined 
extensively.  And for some reason, sites tend not to complain about 
non-Google Chromium browsers, such as Opera, Iron or Brave.


All that said, if you're resorting to spoofing, there's nothing that 
*requires* using a valid UA string.  If a site is simply looking for a 
particular version, it's common that they're not looking for anything 
else.  I haven't tried it, and handling likely varies from site to site, 
but a lot of the time, I don't see a reason why you can't spoof, showing 
something like:


   Mozilla/5.0 (X11; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0 
SeaMonkey/2.53.7


This one happens to be a Linux string and the most current version of 
Firefox, but I think that most sites don't really care what platform 
you're showing.  Most of the time, they're merely looking for a minimum 
version of Firefox that follows the slash.  Some may pay attention to 
"Seamonkey" following "Firefox", but few do.  And in my experience, what 
you show following rv: is irrelevant. Notice that I've also rendered 
Seamonkey as 2.53.7 (which is still beta), but I don't think that really 
matters, either.


If you want to do it with Windows (and with Firefox ESR) you can use:

   Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 
Firefox/78.0 SeaMonkey/2.53.7


One additional consideration of spoofing is that if you resort to this 
kind of thing, it very clearly identifies you, and pretty much uniquely. 
 If you're sensitive to that kind of tracking, your best bet would be 
to stay under the radar, and show just string from Firefox 78 ESR:


   Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 
Firefox/78.0


With Seamonkey, remember also 

Re: An important site that doesn't work with SeaMonkey

[David H. Durgee]

WaltS48 wrote:

On 3/1/21 5:51 PM, meagain wrote:

 Original Message 

Lemuel Johnson via support-seamonkey wrote:

On 1/25/2021 12:36 PM, Ray Davison wrote:

 I cannot use SM at Chase.


Chase works for me with:
general.useragent.override.chase.com:  Mozilla/5.0 (Windows NT 10.0; 
Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0


Every few months I have to update the "rv" and "Firefox" levels.


I pasted that into user.js, and Chase seems to work.

If I swap chase for some other bank's domain should that one stop 
complaining about unsupported?


TY
Ray



This site will tell you about your browser:
https://www.whatismybrowser.com/

It tells me >  Firefox 60 on Windows 10

✗ Your web browser is out of date
Out of date web browsers can have security problems and may cause 
websites to not work properly.

You have version 60, why not upgrade to 86?



Well, Firefox 60 is out of date. The current version is 86 and the ESR 
version is 78.something.something.




The only site I have to switch user agents for at present is Chase, and 
they accept Firefox 68 there.  In general I believe it best to stay as 
close to reality as possible, as a site might attempt to use features 
only implemented in later releases if it thinks they are available.


Dave
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[WaltS48]

On 3/1/21 5:51 PM, meagain wrote:

 Original Message 

Lemuel Johnson via support-seamonkey wrote:

On 1/25/2021 12:36 PM, Ray Davison wrote:

 I cannot use SM at Chase.


Chase works for me with:
general.useragent.override.chase.com:  Mozilla/5.0 (Windows NT 10.0; 
Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0


Every few months I have to update the "rv" and "Firefox" levels.


I pasted that into user.js, and Chase seems to work.

If I swap chase for some other bank's domain should that one stop 
complaining about unsupported?


TY
Ray



This site will tell you about your browser:
https://www.whatismybrowser.com/

It tells me >  Firefox 60 on Windows 10

✗ Your web browser is out of date
Out of date web browsers can have security problems and may cause 
websites to not work properly.

You have version 60, why not upgrade to 86?



Well, Firefox 60 is out of date. The current version is 86 and the ESR 
version is 78.something.something.


--
OS: Fedora 33 Workstation - Gnome Desktop
https://www.thunderbird.net/en-US/get-involved/


___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[meagain]

 Original Message 

Lemuel Johnson via support-seamonkey wrote:

On 1/25/2021 12:36 PM, Ray Davison wrote:

 I cannot use SM at Chase.


Chase works for me with:
general.useragent.override.chase.com:  Mozilla/5.0 (Windows NT 10.0; 
Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0


Every few months I have to update the "rv" and "Firefox" levels.


I pasted that into user.js, and Chase seems to work.

If I swap chase for some other bank's domain should that one stop 
complaining about unsupported?


TY
Ray



This site will tell you about your browser:
https://www.whatismybrowser.com/

It tells me >  Firefox 60 on Windows 10

✗ Your web browser is out of date
Out of date web browsers can have security problems and may cause websites to 
not work properly.
You have version 60, why not upgrade to 86?



___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[David H. Durgee]

Ray Davison wrote:

David H. Durgee wrote:



I have no problem using the Chase web site as long as I tell them I am 
Firefox 68 via the User Agent option of PrefBar.  They are the only 
site I use regularly that requires me to pretend to be other than 
SeaMonkey, although others complain about using an "unsupported" browser.


This from the Pref Bar site.  Is there an option?

"⚠ Please be aware, that PrefBar is no longer maintained! It is not 
recommend to install any of these versions!
They most probably don't work well with current versions of SeaMonkey 
and they won't install at all on Firefox 57 and above! "


I have been using PrefBar for years, but there are other user agent 
switchers available as well.  As you see from another post in this 
thread you can also create a user.js entry to accomplish this on either 
a per site or general basis.


To answer a question you ask in that branch, yes similar entries MIGHT 
work at other domains.  I say MIGHT as the question then becomes have 
they started using features of Firefox that our current level of 
SeaMonkey does not yet implement?  If so, then the site might not look 
the same or in extreme cases might not work right.


So there is no answer to all sites other than to use a browser they 
specifically identify as supported by them in the case they actually 
make use of features supported only in those browsers.  Fortunately in 
most cases they are simply being lazy and don't want their "technical 
support" people to have to answer questions for any but a handful of 
"supported" browsers.  In those cases pretending to have that browser 
suffices to get by.


Dave
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Ray Davison]

David H. Durgee wrote:



I have no problem using the Chase web site as long as I tell them I am 
Firefox 68 via the User Agent option of PrefBar.  They are the only site 
I use regularly that requires me to pretend to be other than SeaMonkey, 
although others complain about using an "unsupported" browser.


This from the Pref Bar site.  Is there an option?

"⚠ Please be aware, that PrefBar is no longer maintained! It is not 
recommend to install any of these versions!
They most probably don't work well with current versions of SeaMonkey 
and they won't install at all on Firefox 57 and above! "



Ray
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Ray Davison]

Lemuel Johnson via support-seamonkey wrote:

On 1/25/2021 12:36 PM, Ray Davison wrote:

 I cannot use SM at Chase.


Chase works for me with:
general.useragent.override.chase.com:  Mozilla/5.0 (Windows NT 10.0; 
Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0


Every few months I have to update the "rv" and "Firefox" levels.


I pasted that into user.js, and Chase seems to work.

If I swap chase for some other bank's domain should that one stop 
complaining about unsupported?


TY
Ray

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Lemuel Johnson via support-seamonkey]

On 1/25/2021 12:36 PM, Ray Davison wrote:
 I cannot use SM at Chase.  



Chase works for me with:
general.useragent.override.chase.com:  Mozilla/5.0 (Windows NT 10.0; 
Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0


Every few months I have to update the "rv" and "Firefox" levels.

Lem Johnson
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[David H. Durgee]

Ray Davison wrote:

no...@nonospam.org wrote:
JavaScript is part of the problem. If I turn it off, the pages load 
partially and the browser doesn't lock up. But the pages don't format 
correctly and the site doesn't work as it should.


I looked at an ice cream offering and stopped there.  Link something 
that "doesn't work as it should" and I will see if I get the same result.


And what is "don't format correctly".  They seemed to look and work OK.

But don't think I am unconditionally defending SM.  I cannot use SM at 
Chase.  And on one site I went thru the complete buy process but the 
final button ignored me.  I had to run FF to complete the order.


Ray




I have no problem using the Chase web site as long as I tell them I am 
Firefox 68 via the User Agent option of PrefBar.  They are the only site 
I use regularly that requires me to pretend to be other than SeaMonkey, 
although others complain about using an "unsupported" browser.


Dave
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Ray Davison]

no...@nonospam.org wrote:
JavaScript is part of the problem. If I turn it off, the pages load 
partially and the browser doesn't lock up. But the pages don't format 
correctly and the site doesn't work as it should.


I looked at an ice cream offering and stopped there.  Link something 
that "doesn't work as it should" and I will see if I get the same result.


And what is "don't format correctly".  They seemed to look and work OK.

But don't think I am unconditionally defending SM.  I cannot use SM at 
Chase.  And on one site I went thru the complete buy process but the 
final button ignored me.  I had to run FF to complete the order.


Ray

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[notme]

JavaScript is part of the problem. If I turn it off, the pages load 
partially and the browser doesn't lock up. But the pages don't format 
correctly and the site doesn't work as it should.


John



Here it opens to a very busy script.  Other than that it looks like a 
normal site.


The site seems OK on FF.  No busy script.

In SM I closed the script and the site seems to work.  A box called the 
script "unresponsive".




--
Q: What's the quickest way to get a mailbox full of spam?
A: Post a message in any newsgroup using a real email address.

Therefore, please reply in this newsgroup. Thank you.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Ray Davison]

Ray Davison wrote:

no...@nonospam.org wrote:

Here it opens to a very busy script.  Other than that it looks like a 
normal site.


But that is SM 2.49.5 under Win7.  And based on what I have seen of 
"updates", I will be using both of them until they die.


The site seems OK on FF.  No busy script.

In SM I closed the script and the site seems to work.  A box called the 
script "unresponsive".


As I keep saying, newer is not always better.  OSs and apps, I install 
the new alongside the old, and do not get rid of the old until I am 
convinced I like the new better.


I have a bunch of newer versions of SM on the HDD, and each has several 
profiles to play with.  But I have not seen anything to make me change.


I have a couple laptops that came with WX.  I added W7.  They spend most 
of their time on the shelf.  I play with them once in a while.


Ray

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Ray Davison]

no...@nonospam.org wrote:

Here it opens to a very busy script.  Other than that it looks like a 
normal site.


But that is SM 2.49.5 under Win7.  And based on what I have seen of 
"updates", I will be using both of them until they die.


The site seems OK on FF.  No busy script.

Ray
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Dirk Fieldhouse]

On 24/01/2021 15:55, Cruz, Jaime wrote:

On 1/24/21 7:29 AM, no...@nonospam.org wrote:
I don't get any kind of a security violation notice or see anything 
about Imperva.

...>

A suggestion:  Go here: https://someonewhocares.org/hosts/

Download the text version of the "hosts" file.  Follow the directions to 
replace your PC's default "hosts" file and try it again.  This will 
block all known malicious sites and prevent them from loading.  As I 
posted earlier, I had no issues going to your original link using 
Firefox-ESR, it came right up.


Or, what happens with JS disabled? With NoScript installed you can first 
enable JS for the site itself and then see which other domains are being 
contacted for JS and (a) post the list here (b) enable one at a time, 
until the hang occurs.


Or, what happens with FF52ESR, FF60ESR?

Unfortunately users outside the USA won't be able to test the site 
itself since enabling the site's JS brings up the previously described 
Error 16 Imperva display.


/df

--
London
UK
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[WaltS48]

On 1/24/21 3:18 PM, no...@nonospam.org wrote:
Firefox is not the issue. The site works fine with Firefox and always 
has for me. The issue is that there is a critical incompatibility with 
SeaMonkey.


I prefer SeaMonkey because I like having the integrated mail/news 
client. But it seems more and more websites which work fine with Firefox 
don't work properly with SeaMonkey.


John



The integrated mail/news client does open in a separate window, can be 
setup to be the only window that opens in the preferences.


You could use SeaMonkey for mail/news and a different browser.

--
OS: Fedora 33 Workstation - Gnome Desktop
https://www.thunderbird.net/en-US/get-involved/

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[notme]

Firefox is not the issue. The site works fine with Firefox and always 
has for me. The issue is that there is a critical incompatibility with 
SeaMonkey.


I prefer SeaMonkey because I like having the integrated mail/news 
client. But it seems more and more websites which work fine with Firefox 
don't work properly with SeaMonkey.


John

Cruz, Jaime wrote:

On 1/22/21 8:00 PM, no...@nonospam.org wrote:

https://www.jewelosco.com

This is the site for a major grocery store and pharmacy chain. It 
locks up SeaMonkey v2.53.5.1 on a fully updated Windows 10 Pro system. 
Try to do anything and it shows "Not Responding".




 >

Out of curiosity I tried clicking the link and it came up just fine for 
me.  Using Firefox-ESR 78.7.0 64-bit under Ubuntu Linux 20.04.1





--
Q: What's the quickest way to get a mailbox full of spam?
A: Post a message in any newsgroup using a real email address.

Therefore, please reply in this newsgroup. Thank you.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Cruz, Jaime]

On 1/24/21 7:29 AM, no...@nonospam.org wrote:
I don't get any kind of a security violation notice or see anything 
about Imperva.


The page remains blank and just tries to load and never finishes 
loading. At the bottom of the GUI it says "waiting for" followed by a 
web address which is not always the same. It is impossible to navigate 
away from the page or close the tab. Any such attempt results in the 
"Not Responding" message in the title bar. With Windows Task Manager 
running, I can see the memory usage steadily climbing until it gets 
close to 2600 MB, at which point SeaMonkey crashes and the Mozilla Crash 
Reporter starts.


It is necessary to use Windows Task Manager to "end task" if you don't 
want to wait a few minutes for it to crash.


John



A suggestion:  Go here: https://someonewhocares.org/hosts/

Download the text version of the "hosts" file.  Follow the directions to 
replace your PC's default "hosts" file and try it again.  This will 
block all known malicious sites and prevent them from loading.  As I 
posted earlier, I had no issues going to your original link using 
Firefox-ESR, it came right up.



--
Jaime A. Cruz

Nassau Wings Motorcycle Club
http://www.nassauwings.org/

AMA District 34
https://www.amad34.org/
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Cruz, Jaime]

On 1/22/21 8:00 PM, no...@nonospam.org wrote:

https://www.jewelosco.com

This is the site for a major grocery store and pharmacy chain. It locks 
up SeaMonkey v2.53.5.1 on a fully updated Windows 10 Pro system. Try to 
do anything and it shows "Not Responding".




>

Out of curiosity I tried clicking the link and it came up just fine for 
me.  Using Firefox-ESR 78.7.0 64-bit under Ubuntu Linux 20.04.1



--
Jaime A. Cruz

Nassau Wings Motorcycle Club
http://www.nassauwings.org/

AMA District 34
https://www.amad34.org/
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[notme]

I don't get any kind of a security violation notice or see anything 
about Imperva.


The page remains blank and just tries to load and never finishes 
loading. At the bottom of the GUI it says "waiting for" followed by a 
web address which is not always the same. It is impossible to navigate 
away from the page or close the tab. Any such attempt results in the 
"Not Responding" message in the title bar. With Windows Task Manager 
running, I can see the memory usage steadily climbing until it gets 
close to 2600 MB, at which point SeaMonkey crashes and the Mozilla Crash 
Reporter starts.


It is necessary to use Windows Task Manager to "end task" if you don't 
want to wait a few minutes for it to crash.


John

Dirk Fieldhouse wrote:

On 23/01/2021 14:56, Don Spam's Reckless Son wrote:

no...@nonospam.org wrote:
Do I understand correctly that Imperva is security software the site 
is using to block access from "unapproved" browsers? If so, IMHO the 
SeaMonkey team at least needs to take steps to prevent this from 
locking up the browser as is happening now. I know how to kill the 
process with Task Manager, but less computer-savvy users may be stymied.


I assume your browser access is not being blocked and it's the actual 
page that's failing. The Imperva access denial page is very clear, as 
the Don describes.


We don't really know why Imperva is blocking access.  I did a web 
search on "website blocked by imperva" and one of the first links it 
threw up was 
https://docs.imperva.com/bundle/cloud-application-security/page/error-codes.htm 

Another was 
https://docs.imperva.com/bundle/cloud-application-security/page/settings/security-settings.htm 
- that could maybe help more.
There's a list of Client IDs and their codes in there, Firefox is 1, 
Seamonkey is 45.
When I try and access https://www.jewelosco.com/ I get Error 16 and 
the first link gives that as
The request was blocked based on your security settings (Bot Access 
Control or Block Specific Sources) in the Cloud Security Console. For 
details, see Web Protection - Security Settings.


Looking that one up (the last part of that text is a link), Block 
Specific Sources can be used to block countries, IP-ranges or URLs (!).

 >...

As UA spoofing is ineffective it's likely that we are being blocked for 
not being in the US and so not sufficiently interesting to the deluded 
site owner as potential customers. Apparently if a US resident goes 
abroad and wants to schedule a delivery for his/her/zer return he/she/ze 
has to have a US VPN.


/df



--
Q: What's the quickest way to get a mailbox full of spam?
A: Post a message in any newsgroup using a real email address.

Therefore, please reply in this newsgroup. Thank you.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Paul in Houston, TX]

no...@nonospam.org wrote:

SM 2.49.3.
I would be very careful with that site.

My Bluhell fire wall blocks the site.
Allowing the script to run takes over my SM browser.
This line does bad things:

Dept>Stack(d)}});var vb=new 
RegExp("^("+Ib+")(?!px)[a-z%]+$","i"),rb=function(a){var 
b=a.ownerDocument.defaultView;return 
b&||(b=g),b.getComputedStyle(a)},Kb=function(a,b,d){var 
c,e={};for(c in b)e[c]=a.style[c],a.style[c]=b[c];for(c in 
d=d.call(a),b)a.style[c]=e[c];return d},Zb=new 
RegExp(ca.join("|"),"i");!function(){function 
a(){if(m){n.style.cssText="position:absolute;left:-1px;width:60px;margin-top:1px;padding:0;border:0";


Script kiddies fed a line of BS to Safeway / Albertsons IT Dept.
I've seen it happen at many companies.
Everyone likes to be the first on their block with 2021 scripting.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Dirk Fieldhouse]

On 23/01/2021 14:56, Don Spam's Reckless Son wrote:

no...@nonospam.org wrote:
Do I understand correctly that Imperva is security software the site 
is using to block access from "unapproved" browsers? If so, IMHO the 
SeaMonkey team at least needs to take steps to prevent this from 
locking up the browser as is happening now. I know how to kill the 
process with Task Manager, but less computer-savvy users may be stymied.


I assume your browser access is not being blocked and it's the actual 
page that's failing. The Imperva access denial page is very clear, as 
the Don describes.


We don't really know why Imperva is blocking access.  I did a web search 
on "website blocked by imperva" and one of the first links it threw up 
was 
https://docs.imperva.com/bundle/cloud-application-security/page/error-codes.htm 

Another was 
https://docs.imperva.com/bundle/cloud-application-security/page/settings/security-settings.htm 
- that could maybe help more.
There's a list of Client IDs and their codes in there, Firefox is 1, 
Seamonkey is 45.
When I try and access https://www.jewelosco.com/ I get Error 16 and the 
first link gives that as
The request was blocked based on your security settings (Bot Access 
Control or Block Specific Sources) in the Cloud Security Console. For 
details, see Web Protection - Security Settings.


Looking that one up (the last part of that text is a link), Block 
Specific Sources can be used to block countries, IP-ranges or URLs (!).

>...

As UA spoofing is ineffective it's likely that we are being blocked for 
not being in the US and so not sufficiently interesting to the deluded 
site owner as potential customers. Apparently if a US resident goes 
abroad and wants to schedule a delivery for his/her/zer return he/she/ze 
has to have a US VPN.


/df

--
London
UK
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Don Spam's Reckless Son]

no...@nonospam.org wrote:
Do I understand correctly that Imperva is security software the site is 
using to block access from "unapproved" browsers? If so, IMHO the 
SeaMonkey team at least needs to take steps to prevent this from locking 
up the browser as is happening now. I know how to kill the process with 
Task Manager, but less computer-savvy users may be stymied.


John



We don't really know why Imperva is blocking access.  I did a web search 
on "website blocked by imperva" and one of the first links it threw up 
was 
https://docs.imperva.com/bundle/cloud-application-security/page/error-codes.htm
Another was 
https://docs.imperva.com/bundle/cloud-application-security/page/settings/security-settings.htm 
- that could maybe help more.
There's a list of Client IDs and their codes in there, Firefox is 1, 
Seamonkey is 45.
When I try and access https://www.jewelosco.com/ I get Error 16 and the 
first link gives that as

The request was blocked based on your security settings (Bot Access Control or 
Block Specific Sources) in the Cloud Security Console. For details, see Web 
Protection - Security Settings.


Looking that one up (the last part of that text is a link), Block 
Specific Sources can be used to block countries, IP-ranges or URLs (!).
Bot Access Control works on Client IDs from that list and my guess is 
that the customer - jewelosco.com - has not whitelisted Seamonkey, an 
alternative would be a bug on the Imperva side where it is not 
recognising Seamonkey in the first place.

I am not in the US, maybe my Code 16 is down to that.
Your Seamonkey just hangs?  Different error.


--
spammo ergo sum, viruses courtesy of https://www.nsa.gov/malware/
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[notme]

Do I understand correctly that Imperva is security software the site is 
using to block access from "unapproved" browsers? If so, IMHO the 
SeaMonkey team at least needs to take steps to prevent this from locking 
up the browser as is happening now. I know how to kill the process with 
Task Manager, but less computer-savvy users may be stymied.


John

Dirk Fieldhouse wrote:

On 23/01/2021 09:18, Don Spam's Reckless Son wrote:

no...@nonospam.org wrote:
...>

Two possible workarounds here:
1 - about:config and then modify 
general.useragent.compatMode.strict-firefox (you may well have to 
restart Seamonkey before the change becomes active).

...


UA spoofing didn't seem to break through the Imperva thing. It might 
help once you actually reach a page served by the company that does not 
show its pages.


/df



--
Q: What's the quickest way to get a mailbox full of spam?
A: Post a message in any newsgroup using a real email address.

Therefore, please reply in this newsgroup. Thank you.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Dirk Fieldhouse]

On 23/01/2021 09:18, Don Spam's Reckless Son wrote:

no...@nonospam.org wrote:
...>

Two possible workarounds here:
1 - about:config and then modify 
general.useragent.compatMode.strict-firefox (you may well have to 
restart Seamonkey before the change becomes active).

...


UA spoofing didn't seem to break through the Imperva thing. It might 
help once you actually reach a page served by the company that does not 
show its pages.


/df

--
London
UK
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Don Spam's Reckless Son]

no...@nonospam.org wrote:

https://www.jewelosco.com

This is the site for a major grocery store and pharmacy chain. It locks 
up SeaMonkey v2.53.5.1 on a fully updated Windows 10 Pro system. Try to 
do anything and it shows "Not Responding".


It is necessary to use Task Manager to kill the process to get out of 
it. Task Manager shows it is using a huge amount of memory (Over 1GB) 
while trying to load the site. I have never seen a site that is so 
totally incompatible with SeaMonkey, and this is a large corporation 
which makes it particularly egregious.


This is critical because the site will be allowing customers to sign up 
for Covid-19 vaccinations at local pharmacies within a few days.


This is not a recent problem. I have been using Firefox as an 
alternative. But now I get an email with a link to a location on this 
site for vaccine signup and I can't use it.


Jewel-Osco is part of the Safeway/Albertsons chain, and the email link 
actually points to a location on their site, which seems to be 
interconnected and has the same problem.


Here is that link:
https://click.email.safeway.com/?qs=e10b65d13a9b9d398e6144d2fe0737fc3111c383162265cda4969e284a29d815e7cfc1fcbc31cbbd7840ba3d1d758647eef30b7ce6211e885d5469b7c597d375 



I know SeaMonkey v2.53.6 was just released, but I'm not ready to try it 
just yet.


I have been using SeaMonkey for years but I'm running out of patience 
with it.


John


Two possible workarounds here:
1 - about:config and then modify 
general.useragent.compatMode.strict-firefox (you may well have to 
restart Seamonkey before the change becomes active).
2 - Right-Click on the link "Copy link location", feed it into Firefox - 
or some other browser.


--
spammo ergo sum, viruses courtesy of https://www.nsa.gov/malware/
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Daniel]

no...@nonospam.org wrote on 23/01/21 12:00:

https://www.jewelosco.com

This is the site for a major grocery store and pharmacy chain. It locks 
up SeaMonkey v2.53.5.1 on a fully updated Windows 10 Pro system. Try to 
do anything and it shows "Not Responding".


For what it's worth, my SM 2.49.1 on Linux gives

Quote
Access denied
Error 16
www.jewelosco.com
2021-01-23 03:54:17 UTC
What happened?
This request was blocked by the security rules
Your IP: 203.214.86.23
Proxy IP: 45.60.16.113 (ID 10607-100)
Incident ID: 607000260008177887-102572035340699269
Powered by imperva
End Quote
--
Daniel

User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 
SeaMonkey/2.53.5.1 Build identifier: 20201115194905


Linux User agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) 
Gecko/20100101 SeaMonkey/2.49.1 Build identifier: 20171015235623

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[David E. Ross]

On 1/22/2021 5:00 PM, no...@nonospam.org wrote:
> https://www.jewelosco.com
> 
> This is the site for a major grocery store and pharmacy chain. It locks 
> up SeaMonkey v2.53.5.1 on a fully updated Windows 10 Pro system. Try to 
> do anything and it shows "Not Responding".
> 
> It is necessary to use Task Manager to kill the process to get out of 
> it. Task Manager shows it is using a huge amount of memory (Over 1GB) 
> while trying to load the site. I have never seen a site that is so 
> totally incompatible with SeaMonkey, and this is a large corporation 
> which makes it particularly egregious.
> 
> This is critical because the site will be allowing customers to sign up 
> for Covid-19 vaccinations at local pharmacies within a few days.
> 
> This is not a recent problem. I have been using Firefox as an 
> alternative. But now I get an email with a link to a location on this 
> site for vaccine signup and I can't use it.
> 
> Jewel-Osco is part of the Safeway/Albertsons chain, and the email link 
> actually points to a location on their site, which seems to be 
> interconnected and has the same problem.
> 
> Here is that link:
> https://click.email.safeway.com/?qs=e10b65d13a9b9d398e6144d2fe0737fc3111c383162265cda4969e284a29d815e7cfc1fcbc31cbbd7840ba3d1d758647eef30b7ce6211e885d5469b7c597d375
> 
> I know SeaMonkey v2.53.6 was just released, but I'm not ready to try it 
> just yet.
> 
> I have been using SeaMonkey for years but I'm running out of patience 
> with it.
> 
> John
> 

You might try contacting their corporate headquarters.  Do it as a
letter via the Postal Service, not via E-mail.  Send it to the CEO.
Point out that limiting what browsers can be used will also limit their
customer base.

A WhoIs quesry on the domain jewelosco.com revealed two addresses:

Registrant Name: Safeway Inc
Registrant Organization: Safeway Inc
Registrant Street: 31ST ST COR 2ND AVE
Registrant City: TAGUIG CITY
Registrant State/Province: CA
Registrant Postal Code: 1634
Registrant Country: PH
(Philippines??)

Admin Organization: Safeway Inc
Admin Street: 11555 DUBLIN CANYON RD
Admin City: Pleasanton
Admin State/Province: CA
Admin Postal Code: 94588-2815
Admin Country: US
(California in the United States)

You might try Yahoo's  to get the name
and address of the CEO of Albertson's, which seems to own Safeway which,
in turn, seems to own Jewel.

-- 

David E. Ross
.

The only reason we have so many laws is that not enough people will do
the right thing.  (© 1997 by David Ross)

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: An important site that doesn't work with SeaMonkey

[Dirk Fieldhouse]

On 23/01/2021 01:00, no...@nonospam.org wrote:

https://www.jewelosco.com

This is the site for a major grocery store and pharmacy chain. It locks 
up SeaMonkey v2.53.5.1 on a fully updated Windows 10 Pro system. Try to 
do anything and it shows "Not Responding".

...


Blocked by "Imperva" for me, before even reaching the listed pages on 
the site.


/df

--
London
UK
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey