The web app was working earlier this week but now it won’t connect (the app loads but it just sits on the “connecting” spinner). I see this error in the console:
Access to XMLHttpRequest at 'http://192.168.1.23:8887/server/capabilities' from origin 'http://my.tablotv.com' has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space `private`
My web app stopped working about a week ago, seems to be aligned with the update. The Tablo app also does not connect, but devices like Roku work just fine. Does not solve my need to connect on my PC via the web interface thought. Are they purposely deprecating this feature as they don’t support it on Gen 4, so this is a way to convince people to “upgrade” to Gen 4?
This flag in Chrome did fix things for me (you have to get your Tablo’s ip from the console log errors) but I don’t think this is worth fixing it for Chrome (so long as it continues to work in Safari or Firefox):
Just installed FireFox and it works fine. Why do we need to perform website roulette to find the one that works? Why is it so difficult for Tablo to make the Webapp work across the browsers? Why does it work on some, not others, and then why does the success rotate through the apps?
Chrome is tightening security around web apps talking to each other and around using non-https sites. CORS = Cross Origin Resource Sharing.
Firefox hasn’t tightened said security. There are fun conspiracy theories about this but I’d wager there are real reasons to do this and as Chrome is used by a lot more users, they did it. But Firefox is struggling to stop losing users and so they don’t want to give them a reason to switch browsers. But I don’t really know enough about CORS to have an opinion and this is all a wild guess.
I saw something about local database solutions too (web SQL vs indexDB) but I’m not entirely sure if that’s relevant.
So it isn’t totally Tablo’s fault. What is their fault is not investing eng time in keeping the web app working. I have no idea how hard it would be to fix things or how many users these issues impact. I fear it is costly and impacts few users.
It’s wise to be cautious. If you go into the details page for an extension you have installed, you can restrict it to only be enabled on domains that you add to an allow-list. (For Easy CORS, it’s “chrome://extensions/?id=gcdaaelgdlicnnichhholnoagafangej” – you probably will need to copy and paste the URL. Other Chromium-based browsers will redirect from “chrome://” to their own name.)
In this case it’s because Google decided to tighten security in Chrome (and other Chromium-based browsers). “Rotate”? Do you mean the web app not fully working in Firefox when it was first released?
But, if you noticed, they are only selling Dual Lites and no Quads. My guess is that they are just selling the stock they still had on order when Scripps decided to go a different way with the Gen 4 models or stock that was returned from Amazon and Best Buy when the new models came out.