Bug #2939
[iceweasel]: cannot log into some webstes with "tracking detection" enabled
0%
Description
Hi,
I am using "Iceweasel 81.0.2" on the GNU/Linux distribution Parabola. I can log in with e-mail address and password to:
https://www.fairphone.com
without problems.
I cannot log in with e-mail address and password to:
https://support.fairphone.com
Note 1: the 2 websites use different accounts
Note 2: "support.fairphone.com" embeds "fairphone.zendesk.com", see error message below
After entering e-mail and password I am redirected to:
https://support.fairphone.com/access/unauthenticated
and I see the text:
---8<---
Iceweasel Can’t Open This Page
To protect your security, fairphone.zendesk.com will not allow Iceweasel to display the page if another site has embedded it. To see this page, you need to open it in a new window.
Learn more…
[Open Site in a New Window]
Report errors like this to help Mozilla identify and block malicious sites
---8<---
Clicking on [Open Site in a New Window] does not help.
Using "New Private Window" mode or new profiles (killall /usr/lib/iceweasel/iceweasel ; mv ~/.mozilla{,.temp} ; iceweasel) does not fix the problem.
"IceCat 60.7.0esr" and "Iceweasel 81.0.2" have the problem and are provided by Parabola repositories.
How can I make log in work with these browsers?
Using "Firefox latest 81.0.2":
https://download-installer.cdn.mozilla.net/pub/firefox/releases/81.0.2/linux-x86_64/en-US/firefox-81.0.2.tar.bz2
on Parabola I can log in to support.fairphone.com with e-mail and password.
Thank you for your help.
History
Updated by bill-auger over 3 years ago
someone noted a similar issue with gitlab login - probably best
to see if the next iceweasel has the same behavior, and proceed
from there
Updated by rlgh over 3 years ago
This might be irrelevant, but have you tried disabling Enhanced Tracking Protection? It's broken at least two login pages for me.
Updated by bill-auger over 3 years ago
i have also noticed recently, that some websites do not work as
expected, if geo-location is disabled
Updated by sobek over 3 years ago
Thank you. With "Enhanced Tracking Protection" disabled it works! In preferences I switch to "custom mode" and found out that the cookie options:
- All third-party cookies (may cause websites to break) # default value
- All cookies (will cause websites to break)
break the login. The other 2 options are fine. Firefox uses one of the other 2 options.
To the left of Iceweasel's URL bar the shield icon presents the option "Site fixed? Send report". Should I use it?
Updated by bill-auger over 3 years ago
- Status changed from unconfirmed to not-a-bug
- Subject changed from cannot log in to https://support.fairphone.com to [iceweasel]: cannot log into some webstes with "tracking detection" enabled
GJ rlgh :)
sobek - im not sure what that button does - presumably, it sends
a report to mozilla to help improve the tracking detection - maybe it is explained on the the mozilla website or forums
Updated by sseneca about 3 years ago
I'm getting this problem too, and have been for some time.
Unfortunately, disabling Enhanced Tracking Protection doesn't solve the issue for me. I've also tried with a fresh profile (from about:profiles) with no addons, no trackers or cookies blocked, and it still doesn't work.
Needless to say I have no interest in ever using GitLab again. I just want to login so I can delete my account.
Updated by bill-auger about 3 years ago
WRT gitlab, i noticed that the login screen is returning a 5xx error in an endless loop - AFAIC, that is a bug in the gitlab software - 5xx-class errors are fatal (pathological) (ie: ideally, they should never happen in production) - it should be reported as a bug to the gitlab dev team - i suspect that it probalby already is
Updated by bill-auger about 3 years ago
FWIW, gitlab just got demoted from the FSF list of ethical code
hosts
https://lists.gnu.org/archive/html/repo-criteria-discuss/2021-03/msg00000.html
Updated by bill-auger about 3 years ago
still broken with iceweasel 86, icecat also - there are multiple tickets on the gitlab bug tracker, noting that the cookie expiration is borked somehow - the headers of the 503 error show the expiration as jan 01 1970
i found another website that exhibits the same behavior as gitlab - this one notes that cloudflare is guarding entry to the server
also, other gitlab instances work fine ( eg: gitlab.freedesktop.org )
the headers of the 503 error on gitlab.com, show "server: cloudflare" - probably not a coincidence
i suspect now, that this is not a bug in the gitlab software; but a third-party service, which is blocking certain browsers, per some yet unknown criteria
Updated by bill-auger about 3 years ago
i deleted ~/.mozilla/firefox - now, i can get the gitlab.com login form with iceweasel
that trick did not work for icecat though