Closed
Bug 1317231
Opened 7 years ago
Closed 7 years ago
[FirstPartyIsolation] Failed to sign in to the 360.com
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
INVALID
People
(Reporter: cynthiatang, Unassigned)
References
(Blocks 1 open bug)
Details
(Whiteboard: [tor][domsecurity-active])
Preference setting: 1. privacy.firstparty.isolate;true 2. network.predictor.enable-prefetch;false 3. network.predictor.enabled;false Step: 1. Launch Firefox browser 2. Go to 360.com 3. Click on "登录" (Sign in) 4. Sign in using an existing ID and password Actual result: - User cannot login to 360.com - Firefox with firstPartyIsolation: https://youtu.be/PQVX9hJCO2Q - Firefox without firstPartyIsolation: https://youtu.be/X3KGbNn0tHw Firefox version: 52.0a1 (2016-11-11) (64-bit)
Comment 1•7 years ago
|
||
The login process of 360.com is based on the third party cookies, which means it will redirect to another first party to get the login session cookie. So the 360.com will not acquire the login session cookie since it belongs to another first party. Therefore, this behavior is correct under the fact that the first party isolation is turned on. In addition, the tor browser shows the same behavior.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•