daniebker
commented
3 years ago After further investigation we've seen that we're no longer serving the script that triggered the ban, it was deactivated a few months ago, (https://tags.cdn.vpsvc.com/utag/vprt/prf-main/prod/utag.25835.js?utv=ut4.45.201903251446) The script is still accessible through the cdn but it is no longer actively used on our site.
vpsvc.com is the backing CDN and API service for vistaprint.com. The result of blocking the domain is causing all other scripts, css, and images to fail. This is preventing our customers from using our site.
We recently discovered that, as part of the new privacy features that Firefox includes, one of our domains and all its subdomains has been flagged as fingerprinting. (details here: https://github.com/disconnectme/disconnect-tracking-protection/blob/master/descriptions.md#VistaprintSchweizGmbH)
We understand the reason why it was flagged, and will be working with the appropriate team to remove the specific script that was identified as Advertising & FingerprintingInvasive: https://tags.cdn.vpsvc.com/utag/vprt/prf-main/prod/utag.25835.js?utv=ut4.45.201903251446
However, while blocking that script, all subdomains of vpsvc.com have been blocked as well (see commit in github), and as you can see in the screenshot while browsing on www.vistaprint.com, some of those domains are extremely important for our site to work:
Ui-library.cdn.vpsvc.com -> servers static assets for our UI/component library (CSS&JS) cms.cdn.vpsvc.com -> exposes our CMS’s API to retrieve data to show client-side cms.cloudinary.vpsvc.com -> API that expose our image assets
Because of that, our site can’t load stylesheets, or data that is required for it to properly work: Compare Firefox (first image) with chrome (second image).
Can we remove vpsvc.com from the block list?