[Linux] Video playback broken on x.com and reddit.com in Opera GX 132 (Chromium 148) — anyone else? Detailed diagnosis inside
Hey r/operagx,
I've been chasing a video playback bug on Opera GX 132 for a while and I think I've narrowed it down. Posting here because I want to know if other Linux users are seeing this, and I figured the diagnosis might help the community and the devs lurking here.
TL;DR: Videos on x.com (and reddit.com via embedded Twitter posts) show the poster frame for half a second, then throw a "Media could not be played" error. Multiple Chromium flag combinations were tested, and none of them fixed it. The root cause is an upstream Chromium 148 security regression regarding stricter CSP enforcement around srcdoc iframes colliding with x.com's player architecture. Firefox and older Chrome stable are completely unaffected.
Environment: Debian Trixie (Testing/Sid), Niri Wayland compositor, Mesa 26.0.8. Opera GX is launched via XWayland with --ozone-platform=x11 (required for window management stability on Niri). Mods/themes are active.
Symptoms: The video element renders the initial thumbnail/poster for ~500ms, then drops into "Media could not be played". DevTools Console reveals two specific CSP violations originating from about:srcdoc and blocked data: URI fetches.
The Real Root Cause (Chromium 148 CSP Collision) This is a silent, deterministic failure cascade triggered by strict W3C CSP Level 3 enforcement rules matching inside the 148 core:
- srcdoc iframe restriction: x.com builds its web player framework inside an iframe srcdoc="". Cryptographic nonces from the parent document do not propagate into opaque srcdoc boundaries. Because a nonce is active on the parent, the engine discards 'unsafe-inline'. Thus, X's inline initialization scripts inside the iframe are flatly blocked by the browser.
- connect-src data: URI block: The player attempts to fetch the AMD FidelityFX-CAS shader encoded directly as a data:text/plain;base64,... URI string. This fetch violates the parent's connect-src because the data: scheme is not whitelisted by the site headers.
What I tried (Flags Attempted) Here is the quick list of everything we tested that fails to fix the issue:
- Default configuration / X11 wrapper: Broken.
- Adding --disable-features=ExtensionContentVerification: Broken (Opera GX uses its own internal verifier).
- Adding --use-gl=swiftshader (Software CPU decoding): Browser becomes laggy but video remains broken. This proves the GPU/Mesa presentation stack is not the primary cause.
- Adding --disable-features=WebGPU: Causes a SEGFAULT during the browser init loop.
- Adding --disable-features=WebGPU,WebGL --no-sandbox: Browser remains stable, but video stays broken and CSP errors persist.
Note on YouTube: Regular YouTube videos work flawlessly because they avoid the nested srcdoc layout. YouTube Live Streams do fail, but with a completely different symptom ("Se ha producido un error" + Playback ID) which points to a separate failure path.
Current Status & Workaround I have formally filed this bug report with the Opera Desktop engineering team via Jira Service Management under tracking reference GB-80414 to log the Chromium 148 lifecycle behavior, as well as reaching out to the X Developer community.
For now, the only solid workaround for viewing videos on x.com or Reddit is to temporarily swap to Firefox 128+ or an older stable Chrome build (Chromium <= 138) which handles the srcdoc security inheritance context leniently.
Full Technical Analysis & Logs The complete diagnostic record, full flag outcomes, and the Mermaid execution cascade diagram are published in this live Gist:https://gist.github.com/louzt/77f0804ca11bad6636f0ac67928bd384
If you're on Linux and seeing this 500ms video drop, please chime in! It would be awesome to confirm your compositor (Niri, Sway, Hyprland?) and whether you see the same behavior on single-display setups.