The embed page shows “Loading discussion…” for about 30 seconds.
Then I see this in the console:
Unrecognized Content-Security-Policy directive 'worker-src'.
Unrecognized Content-Security-Policy directive 'worker-src'.
Unable to post message to https://forum.nsscreencast.com. Recipient has origin https://nsscreencast.com.
I presume this is to have the iframe self-size after content is loaded. When I run this in a Chromium-based browser I don’t get this error.
Is there something I need to configure to get this postMessage flow working in Safari?
This is something we are going to fix soon. We rely on the referer for embed requests to check if they are allowed, but recent changes to browsers broke a lot of our assumptions in this area.
It is working, however the first post seems to load a long time and often doesn’t refresh on its own. After that I can see “Start Discussion” or the actual replies.
So the first person to visit a blog post with comments will have to refresh it to see the embed, all subsequent visits will work. We have a proposed fix already and will merge it in a few weeks.
Thanks for the quick reply. Anything I can do in the meantime to get around this? i.e. implementing some custom JS on the embedding site?