Open Bug 1451762 Opened 6 years ago Updated 3 months ago

Inappropriate message "You must enable DRM to play some audio or video on this page"

Categories

(Firefox :: Messaging System, defect, P3)

Product:
Firefox
Component:
Messaging System
Version:
61 Branch
Type:
defect

Tracking

()

People

(Reporter: ambrose.li, Unassigned)

References

(Blocks 1 open bug)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:61.0) Gecko/20100101 Firefox/61.0
Build ID: 20180404224504

Steps to reproduce:

1. Disable DRM

2. Right click on a video on a page with DRM video (e.g., https://www.ctvnews.ca/canada/montreal-mom-uses-carpool-lane-with-daughter-still-gets-ticket-1.3871852 )


Actual results:

3. Firefox pops up the "You must enable DRM to play some audio or video on this page" message


Expected results:

If the user has chosen to disable DRM they want to ignore all DRM content. They shouldn't be constantly nagged to enable something they don't want.
Severity: normal → enhancement
Status: UNCONFIRMED → NEW
Component: Untriaged → Audio/Video
Ever confirmed: true
Product: Firefox → Core
Component: Audio/Video → Audio/Video: Playback
I stumbled on this bug in a different use case.

* A friend sends me a link to a forum post: http://www.cyberforum.ru/dump/thread2246232.html
* I click that link in order to read the post and comments there.
* A script on that forum wants to show me an ad. It tries to autoplay a video.
* The video in question is DRM-protected.
* Firefox shows me the yellow nag bar, telling me that I “must” enable DRM to [blah blah didn’t read any further].
* I do not care at all for any video or audio on that page. I carefully dismiss the nag bar. A few seconds later, the script tries to autoplay another (or possibly the same) video, so the nag bar pops up again.

I have two suggestions.

First, in case DRM is disabled in preferences and the user has not indicated in any way that they want to watch or listen to anything, do not display the nag bar.

Second, if the user does indicate that desire, pop up a bar that informs them that the video or audio in question is DRM-restricted. Do not use any “must” or “need” or even “should” modals. Treat the need to enable DRM in the same way as the need to make an exception to the pop-up blocker: provide a menu button with one item that allows DRM for this one media file, and another to enable DRM globally.
As of 2018-05-27, Mozilla 61.0b8 (64-bit), I confirm that this bug still is present. The steps to reproduce provided by Ambrose Li are accurate.
+1 on changing this behavior.  It's both irritating and completely contrary to Mozilla's mission of an open web.
Nils, do you have any thoughts on this?
Flags: needinfo?(drno)
Priority: -- → P3
I actually fail to reproduce this. Disabling DRM on my Mac and visiting these sites and attempting a right click on the video from the description does not result in any DRM popups for me. Maybe because I have Widevine installed already. Or do these pop-ups only ever show up on Linux only? Or only when you never installed Widevine?

I think the description from comment #1 actually sounds to me more like requesting to block autoplay in general: if you visit a page where you want to read something and the page starts playing videos, which you don't want, request Firefox to not play the videos no matter if they are DRM protected or not.

In general I can understand that if the user explicitly turned off DRM in the settings, that he/she doesn't want to see the prompt over and over again. But I think it really only should be suppressed if we know the user has explicitly turned off DRM playback (oppose to DRM was not enabled by default - in that case we should show the pop up to inform the user why content is not playing).
Flags: needinfo?(drno)
(In reply to Nils Ohlmeier [:drno] from comment #5)
> I actually fail to reproduce this. Disabling DRM on my Mac and visiting
> these sites and attempting a right click on the video from the description
> does not result in any DRM popups for me. Maybe because I have Widevine
> installed already. Or do these pop-ups only ever show up on Linux only? Or
> only when you never installed Widevine?

I have never heard of Widewine, so you are correct that I have never installed it.

> I think the description from comment #1 actually sounds to me more like
> requesting to block autoplay in general: if you visit a page where you want
> to read something and the page starts playing videos, which you don't want,
> request Firefox to not play the videos no matter if they are DRM protected
> or not.

This is false. This was happening way before autoplay blocking was implemented even in Nightly. The two are completely unrelated.

> In general I can understand that if the user explicitly turned off DRM in
> the settings, that he/she doesn't want to see the prompt over and over
> again. But I think it really only should be suppressed if we know the user
> has explicitly turned off DRM playback (oppose to DRM was not enabled by
> default - in that case we should show the pop up to inform the user why
> content is not playing).

This is also false. DRM is enabled by default; disabling DRM is always an explicit user action. There is no such thing as DRM being not enabled by default.
(In reply to Ambrose Li from comment #6)

> This is also false. DRM is enabled by default; disabling DRM is always an
> explicit user action. There is no such thing as DRM being not enabled by
> default.

An opinionated GNU/Linux distribution could, in theory, deliver Firefox with DRM disabled by default. I do not know if any such distribution actually exists.

However, even if that were the case, the message should be more neutral, saying something like “this video is DRM-protected, so Firefox will not play it, as specified in your preferences”. (There could be hyperlinks pointing to an explanation why DRM is undesirable, and to the relevant preferences page.)
(In reply to Yuri Khan from comment #7)
> However, even if that were the case, the message should be more neutral,
> saying something like “this video is DRM-protected, so Firefox will not play
> it, as specified in your preferences”. (There could be hyperlinks pointing
> to an explanation why DRM is undesirable, and to the relevant preferences
> page.)

IMO the message should just not be displayed. It’s okay to display it exactly once (or after prefs have been toggled)—throughout the entire lifetime of the Firefox install, not throughout the lifetime of a session. It is just rude and disrespectful to nag the user about DRM even though the user has made it clear that they don’t want to deal with DRM content.

(Right now it’s not even displayed once during the lifetime of a session; it’s displayed every single time DRM content is found on a page. This is just wrong.)

Otherwise the “message” should be just an inconspicuous icon, like how Firefox distinguishes between encrypted and unencrypted pages.
A workaround which seems to work for me is to disable the following in about:config :

media.gmp-widevinecdm.enabled
media.gmp-widevinecdm.visible
Hi!  Just wanted to say I have this problem, too.  

The message pops up whenever I click on an article which happens to contain a drm vid.  Please note that I am only trying to read the article, NOT play the embedded vid.  I suspect Firefox is trying to play it just because it is there, triggering the message.  I agree with the suggestion that the message should be displayed once per session.  I should also tell you this happens so often and is so annoying, that I am on the verge of moving to a different browser - if I can find one that doesn't have this issue.

Thanks for your help and your time.
I hadn't seen this message for a while, and I thought it must have been fixed. Actually, I think it's 'cause I browse with NoScript and Ublock Origin. I went to do something in a 'clean' browser profile, and up it came. 

So, a solution is to browse with plugins that block all the rubbish by default.
I am now getting this on AliExpress, every page. I’m not even seeing the audio or video element that is causing the message, and it’s not making it easy for me to know what to add to my blocking rules.
+1 to comment 12

I get this frequently there.  I really don't want this (BRIGHT!) yellow bar so often.  I would prefer it to be like the Flash dialog, which I can say "never" to, per-site.
Firefox 56.2.3 bug still persists.

It's not the "You must enable DRM...", but "Any DeRMo support must be done as TOATALLY EXTERNAL MODULE with ABSOLUTELY NO SPECIAL SUPPORT in FF" since Mozilla principles (https://www.mozilla.org/en-US/about/manifesto/details/) state:

2. The Internet is a global public resource that must remain open and accessible.
7. Free and open source software promotes the development of the Internet as a public resource.
8. Transparent community-based processes promote participation, accountability and trust.
(In reply to heaven-seven from comment #14)
> Firefox 56.2.3 bug still persists.
> 
> It's not the "You must enable DRM...", but "Any DeRMo support must be done
> as TOATALLY EXTERNAL MODULE with ABSOLUTELY NO SPECIAL SUPPORT in FF" since
> Mozilla principles (https://www.mozilla.org/en-US/about/manifesto/details/)
> state:
> 
> 2. The Internet is a global public resource that must remain open and
> accessible.
> 7. Free and open source software promotes the development of the Internet as
> a public resource.
> 8. Transparent community-based processes promote participation,
> accountability and trust.

+1
(In reply to Ron Kaminsky from comment #9)
> A workaround which seems to work for me is to disable the following in
> about:config :
> 
> media.gmp-widevinecdm.enabled
> media.gmp-widevinecdm.visible

Thank you very much, this works.

Actually, only media.gmp-widevinecdm.visible is needed, but I have both switched them off anyway.
Every Aliexpress product page shows the yellow warning since a few weeks, it was very upsetting...

Shame on Mozilla to burry the setting in obscure about:config entries.
I even tried to install the Firefox EME free version, and the infamous message still appears !
(In reply to mooms from comment #16)
> (In reply to Ron Kaminsky from comment #9)
> > A workaround which seems to work for me is to disable the following in
> > about:config :
> > 
> > media.gmp-widevinecdm.enabled
> > media.gmp-widevinecdm.visible
> 
> Thank you very much, this works.


yup, thanks for this! i was getting that DRM message all over aliexpress, it's gone now :) now, if they just add a "Don't ask me again" checkbox to the message, that _should_ close this bug, right?
I just got this on 65.0a1 (2018-12-09). I’ve been getting the (very unhelpful, IMO) audio blocking popups on other sites, so this proves the two issues are unrelated.

The site that triggered the DRM popup was https://abc7ny.com/4868592/ ; I have a screen cap if it’s useful.
(In reply to jonqrandom from comment #17)
> > > A workaround which seems to work for me is to disable the following in
> > > about:config :
> > > 
> > > media.gmp-widevinecdm.enabled
> > > media.gmp-widevinecdm.visible
> > 
> > Thank you very much, this works.
> 
> 
> yup, thanks for this! i was getting that DRM message all over aliexpress,
> it's gone now :) now, if they just add a "Don't ask me again" checkbox to
> the message, that _should_ close this bug, right?

If they just as easy and simple as switch off "media.gmp-widevinecdm" options by default, that _will_ close this bug.

(In reply to Ron Kaminsky from comment #9)

A workaround which seems to work for me is to disable the following in
about:config :

media.gmp-widevinecdm.enabled
media.gmp-widevinecdm.visible

I can confirm that this works for me as well, on other profile that doesn't have noscript.

Also, I just found (I think) the original "bug" which is causing all this angst. https://bugzilla.mozilla.org/show_bug.cgi?id=1234355
'Remove "Don't ask me again" footgun option from the "enable DRM" info bar notification'

We should replace the "You must enable DRM to play some audio or video on this page" info bar's "Options" drop-down menu with a "Not Now" button. If we allow the user to "Don't ask me again", then they will get into a state where they don't know why Netflix doesn't work. If this message is nagging the user too much, then they should either enable the Adobe CDM or stop trying to play DRM video with DRM disabled!'

Right. It's not that I'm /trying/ to play DRM video, it's more than the website is trying, because Firefox is ignoring my explicit instructions to not allow DRM...

And I posted that too soon, I meant to also say, the footgun is making it too easy to re-enable DRM when one doesn't want it.

It's very annoying this alert and very intrusive.
Mozilla STOP THIS SPAM now!

Please fix so annoying.

This really needs to go. I explicitly disabled DRM videos and I am fully aware that I'm not going to be able to see certain ads. I'm fine with that. I am not aware of any Firefox installation that come with DRM disabled by default and if anyone ever used one, it would probably be to avoid crap like this.

This bug was reported more than a year old and is still not fixed...Come on Mozilla !

@Fedge:

Disable the following in about:config

media.gmp-widevinecdm.enabled

Please fix it, I am waiting more big and popular websites asks for DRM!

Retina-burning YELLOW bar! Keeps POPPING!

More attention-grabbing than 'popup block' or 'flash plugin' or any other serious warnings; absurd.

  1. Is DRM more imortant than anything else on the internet?
  2. If you disabled something, knowingly and intentionally, should it keep flashing yellow messages?

I have it atseveral stations and users keep asking me. We may have to replace a browser.

I'm encountering this bug for the first time, I get the "You must enable DRM [...]" yellow warning bar at the top of EVERY Google search, I've:

  • Play DRM-controlled content == UNCHECKED
  • media.gmp-widevinecdm.enabled == false
  • media.gmp-widevinecdm.visible == false
  • Firefox 70.0.1 (64-bit) (downloaded & installed from Mozilla, not the distribution package)
  • Ubuntu 18.04.3 LTS

Steps to replicate:

Looking at the patch which fixed "Bug" 1234355 it looks to me like if

"browser.eme.ui." + bar.value + ".disabled"

is set to "true" in about:config (for the correct value of bar.value)

then this bug might have a better workaround? Unfortunately I have no idea what to stick in there instead of bar.value... I suppose one might be able to find out by installing a really old version of Firefox before the patch which removed the "don't ask again" option, enabling that option, and looking around in about:config or prefs.js ..

Posting this because of Nanzikambe having trouble with my original workaround

(In reply to Nanzikambe from comment #28)

I'm encountering this bug for the first time, I get the "You must enable DRM [...]" yellow warning bar at the top of EVERY Google search, I've:

  • Play DRM-controlled content == UNCHECKED
  • media.gmp-widevinecdm.enabled == false
  • media.gmp-widevinecdm.visible == false
  • Firefox 70.0.1 (64-bit) (downloaded & installed from Mozilla, not the distribution package)
  • Ubuntu 18.04.3 LTS

Steps to replicate:

Try to disable browser.eme.ui.enabled in about::config, please post if this solves the problem.

(In reply to Ron Kaminsky from comment #9)

A workaround which seems to work for me is to disable the following in
about:config :

media.gmp-widevinecdm.enabled
media.gmp-widevinecdm.visible

Disabling browser.eme.ui.enabled may help also...

Another setting in about:config which may be interesting to those who read this thread is

media.eme.video.blank

I'm not sure what it does exactly. However, I have noticed that the new "enhanced" UI for about:config in version 71 now has abolished the traditional right-click functionality. And the functionality that search also searches the values of the settings. I suppose that last "enhancement" is just in case the current Mozilla development direction has you wanting to search for every setting in about:config which contains a Mozilla domain URL so you can change it to a nonexistent domain?

I can't "inspect element" on the pop-up either.

Since it animates as it loads, it can be a migraine trigger, just like most video and audio.

(Or it moves the page down as it loads. I consider this and other painful animation to be forms of animation.)

Adding my vote that not being about to turn off showing the DRM must be enabled warning is annoying.

I'm going to try some of the about:config settings mentioned in this bug to see if that helps, but changing various config options that may be related is not what I'd consider a real solution, just a stop-gap for those of us who are techy and super annoyed by this.

I'm seeing the message with Firefox 73.0 on https://podcasts.apple.com/us/podcast/ted-radio-hour/id523121474?i=1000454832811

Two issues:

  1. There should be a way to disable those messages permanently. The bar is closed without any questions. Reopening the same page presents me with the same bar.

  2. The wording is inappropriate. It assumes that I'm on the page to play some video or audio. I might be on that page to read a story, to follow links or just to see what's there. I don't want Firefox to tell me that I must do something. Possible wording:

This page contains audio or video that can only be played if you enable DRM. Learn More. Enable DRM. Don't ask again.

This was in the wrong component. Moving and nudging.

Type: enhancement → defect
Component: Audio/Video: Playback → Notifications and Alerts
Priority: P3 → --
Product: Core → Toolkit

Can we get some more input from the nofications and alerts mozillians? This really is a bother and would seem like a relatively easy fix compared to the fact that this bug report has been open for an entire 3 years.

Showing up in google docs on linux now...

Severity: normal → S3
Component: Notifications and Alerts → Messaging System
Priority: -- → P3
Product: Toolkit → Firefox

This bug is still present, many years later. https://www.foxbusiness.com/technology/elon-musk-got-4000-spacex-workers-to-join-a-covid-19-study-heres-what-he-learned

Please fix that bug, its so annoying, I think a good solution would be to change the text to , this page contains DRM content you have chosen to disable, would you like to make an exception for this page or site? then with the alternatives, no, do not ask me again as default, then no, do not ask me again for this site, yes this time only and yes permanently enable DRM on this site. Then is the user chooses one of the enabled options, a popup should appear with the text: are you sure? Enabling DRM will have significant impact on privacy, options default, back to safety and enable anyway.

Flags: needinfo?(tspurway)
Flags: needinfo?(tspurway)
Keywords: good-first-bug

@tspurway I'd like to take up on this issue .Thank you

Would love to tackle this bug, if it is still open and unassigned.

Thanks

@tspurway @ambrose.li Ive read the whole thing..Ive a good thought of working on this bug..just to create options to avoid that nag bar that is

1.Dont ask me again for this site
2.Enable for this site alone
3.Enable permanently

@tspurway i dont think a beginner could do this .If it can be done, tell me where i could approach this bug to fix.

Thanks

Flags: needinfo?(tspurway)

Hi gijs, could you checkout this bug?
still the yellow nag is popping.

Flags: needinfo?(gijskruitbosch+bugs)

I'm fairly sure this bug needs product and UX input to be actionable, so I'm going to clear the "good first bug" flag. See also the recent comments in bug 1234355.

Flags: needinfo?(tspurway)
Flags: needinfo?(gijskruitbosch+bugs)
Keywords: good-first-bug

Okay gijs .Thanks :)

Confirm that disabling media.gmp-widevinecdm.enabled worked, but that is terrible UI. The right fix for #1234355 would be for Netflix page to detect absence of DRM and deal with it in their own UI. This feels like a replay of the multi year saga of getting rid of the "install missing plugins" alert when the site wanted to play Flash video and the user wasn't willing to install Flash.

The severity field for this bug is relatively low, S3. However, the bug has 12 votes and 50 CCs.
:tspurway, could you consider increasing the bug severity?

For more information, please visit auto_nag documentation.

Flags: needinfo?(tspurway)
Flags: needinfo?(tspurway)

Everytime I need to manage my Plex server through the web GUI I get this annoying popup/popdown in Firefox on Linux. I never use the Plex GUI to watch video. Please fix this and let me just never ever see DRM questions or even DRM content (of which Plex has none)

(In reply to Ron Kaminsky from comment #30)

Try to disable browser.eme.ui.enabled in about::config, please post if this solves the problem.

Thank you, this resolved the problem perfectly.

Changing browser.eme.ui.enabled from true to false in about:config fixed it for me too (Firefox 99.0.1)! Thank you so much!

I'm having a slightly opposite problem. I have already clicked "Enable DRM" (quite a few times) and it keeps asking me to enable DRM whenever I visit my plex server web page, before I ask it to play anything. Firefox 99 on Ubuntu 20.04, using Ubuntu packages. No proxy, Comcast is my ISP. Why does it not already know that I have enabled DRM? This doesn't happen on Windows.

I'd say Firefox already has the perfect UI for this: Permissions.

Just treat DRM like any other permission and give us the choices we have for Autoplay or Location.

  • Use Default
  • Always ask
  • Allow
  • Block

That way we can set the default to Block instead of completely disable DRM and have a non-intrusive way to play DRM content if we so choose.

Also, if a user disables DRM just keep the entry in the permissions UI but replace the choices with an appropiate message like "DRM is disabled globally. Click this link to learn more."

That approach sounds like a good concept. :)

(In reply to github from comment #56)

I'm having a slightly opposite problem. I have already clicked "Enable DRM" (quite a few times) and it keeps asking me to enable DRM whenever I visit my plex server web page, before I ask it to play anything. Firefox 99 on Ubuntu 20.04, using Ubuntu packages. No proxy, Comcast is my ISP. Why does it not already know that I have enabled DRM? This doesn't happen on Windows.

Please file a separate bug with more details (data from about:support would be pretty useful, as well as whether DRM video works anywhere else for you).

Flags: needinfo?(github)

Redirect a needinfo that is pending on an inactive user to the triage owner.
:tspurway, since the bug has recent activity, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(github) → needinfo?(tspurway)
Flags: needinfo?(tspurway)

I just got this popdown on Firefox on Windows... I've only ever gotten it on Linux before today.. 111.0.1 (64-bit)

(In reply to Ron Kaminsky from comment #30)

Try to disable browser.eme.ui.enabled in about::config, please post if this solves the problem.

Went with this "solution", thank you.

This seems to be a rather odd issue as it's been around for a long time and it's really about how the handling of a (mis)feature is outdated as it really should work like other permissions as it was proposed earlier. Consider the following problems which actually made me end up here as just closing the extra bar a few times earlier wasn't a problem, but it changed in the past few months (both globally and for personal reasons):

  • Apparently more and more websites start with wanting to use DRM highly likely for fingerprinting. Even the usual undesired location permission request is less jarring and it's also easier to dismiss.
  • The bar getting added shifting the whole page down is incredibly bad UX. Likely this one is a more personal experience, but I get to see it often nowadays as scrolling loads some bloat which wants to use DRM, so the bar appears while the page is in use, and it keeps on reappearing every time something silly is loaded.
  • The text shown is actually a lie even if unintentionally as the vast majority of websites either don't block media getting played without DRM (hence the malicious fingerprinting suspicion), or media keeps being gated behind other requirements. Spotify is one notoriously silly example of this as when it's embedded into another site, the preview can be played without DRM, and on their site nothing can be played anyway without signing up for their service, yet in both cases the popup bar appears with the inappropriate message.

Even the page the "Learn more" link leads to isn't particularly helpful, it neither tells much to the people who are just a bit above figuring that clicking on enable makes something work, nor it informs more advanced users about the increased risks of how much the attack surface increases by granting lower level access to components which cannot be feasibly verified neither by the user nor by trustworthy organizations.

Five years later, on version 113.0.1 and I can confirm that the fix posted in comment #9 still works perfectly.

You need to log in before you can comment on or make changes to this bug.