[FirstPartyIsolation] Failed to sign in to the 360.com

RESOLVED INVALID

Status

()

Core
DOM: Security
RESOLVED INVALID
2 years ago
2 years ago

People

(Reporter: cynthiatang, Unassigned)

Tracking

(Blocks: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [tor][domsecurity-active])

(Reporter)

Description

2 years ago
Preference setting:
 1. privacy.firstparty.isolate;true
 2. network.predictor.enable-prefetch;false
 3. network.predictor.enabled;false

Step:
 1. Launch Firefox browser
 2. Go to 360.com
 3. Click on "登录" (Sign in)
 4. Sign in using an existing ID and password

Actual result:
 - User cannot login to 360.com
 - Firefox with firstPartyIsolation: https://youtu.be/PQVX9hJCO2Q
 - Firefox without firstPartyIsolation: https://youtu.be/X3KGbNn0tHw


Firefox version: 52.0a1 (2016-11-11) (64-bit)

Comment 1

2 years ago
The login process of 360.com is based on the third party cookies, which means it will redirect to another first party to get the login session cookie. So the 360.com will not acquire the login session cookie since it belongs to another first party.

Therefore, this behavior is correct under the fact that the first party isolation is turned on. In addition, the tor browser shows the same behavior.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.