1319761 - Login on pinterest using facebook social network not working on Fx with FPI

Status: NEW

(Core :: DOM: Security, defect, P3)

Description

[Bogdan Maris, Desktop QA]

Attachment: Screenshot showing the issue

[Note]:
- Prerequisits:
Enable perf "privacy.firstparty.isolate"
Disable perf "network.predictor.enabled"
Disable perf "network.predictor.enable-prefetch"

[Affected versions]:
- latest Nightly 53.0a1

[Affected platforms]:
- Ubuntu 16.04 32bit

[Steps to reproduce]:
1. Visit pinterest.com
2. Click Continue with Facebook
3. Enter user and password for Facebook and click Log-in

[Expected result]:
- Fx successfully completes the log-in process using Facebook.

[Actual result]:
- After login a blank page is displayed in the new opened pop-up and the log-in using Facebook social network is a success.

[Regression range]:
- This is not a regression, It's still an experimental feature not enabled by default in any official build.

[Additional notes]:
- Screenshot attached showing the error.

Comment 1

[Bogdan Maris, Desktop QA]

[Additional notes]:
- I should have mentioned that I did not encounter the same issue on Tor Browser.

Comment 2

[Ethan Tseng [:ethan]]

This bug can be reproduced on Mac OS as well.

Comment 3

[Tim Huang[:timhuang]]

It looks like that there will be no more a blank 'facebook.com' page after turn off pref "privacy.firstparty.isolate.restrict_opener_access". The log-in process, however, is still not complete that Pinterest does not log-in successfully. It implies there are still some issues here. I will try to figure out.

Comment 4

[Emma Humphries ☕️🎸🧞‍♀️✨ (she/they) [:emceeaich] (Pacific Time) use needinfo]

This is an assigned P1 bug without activity in two weeks. 

If you intend to continue working on this bug for the current release/iteration/sprint, remove the 'stale-bug' keyword.

Otherwise we'll reset the priority of the bug back to '--' on Monday, August 28th.

Comment 5

[(no longer active)]

FWIW the cause of the problem here is that after the popup where the login happens is closed, an iframe on the main page is navigated to a place like https://www.facebook.com/connect/ping?client_id=xxx&domain=www.pinterest.ca&origin=1&redirect_uri=https://staticxx.facebook.com/connect/foo/bar.js?version=42.  Without FPI, this iframe is loaded with facebook's cookies which were set by the pop-up.  With FPI, the popup is loaded under the facebook first party context so those cookies aren't present when navigating to this URL in the iframe and this breaks the login flow.

Comment 7

[Cristian Fogel [:cfogel]]

Updating flags

Comment 8

[benlen]

Without FPI, this iframe is stacked with facebook's treats which https://pinterestvideodownloader.io/ were set by the spring up. With FPI, the popup is stacked under the facebook first party setting so those treats are absent while exploring to this URL in the iframe and this breaks the login stream.

Comment 9

[Nitish]

Pinterest Image And Video Downloader Is A Great App To Download Any Videos, Images, Gif From Pinterest. You Can Download Any File In Just 4 Steps That Takes Not More Than 10 Seconds.It Is Extremely Easy To Use. You Don’t Need Any Prior Tech Knowledge To Download Any Image, Video Or Gif From Pinterest With Pinterest Image And Video Downloader. Here’s How You Can Do It. <a href="https://pinterestdownloader.co/">pinterest story downloader</a>

Comment 10

[Nitish]

We are constantly surrounded by electronic gadgets to carry out our day-to-day work smoothly. Therefore, a constant need to charge our smartphones and laptops becomes a headache while traveling or in some unfortunate scenarios where getting charging ports or even electricity sometimes gets difficult.
https://dealsreview.in/can-a-20000mah-fast-charging-power-bank-charge-a-laptop/

Comment 11

[Nitish]

Pinterest Image And Video Downloader Is A Great App To Download Any Videos, Images, Gif From Pinterest. You Can Download Any File In Just 4 Steps That Takes Not More Than 10 Seconds.It Is Extremely Easy To Use. You Don’t Need Any Prior Tech Knowledge To Download Any Image, Video Or Gif From Pinterest With Pinterest Image And Video Downloader. Here’s How You Can Do It. https://pinterestdownloader.co/

Comment 12

[pinterestvideodownloader97]

Pinterest video downloader is very efficient app for downloads, when you can use this app, you can easily download Pinterest video from your mobile with in mp4, 720 formats and also images in different formats like png and jpg. You Can Download Any File In Just 4 Steps That Takes Not More Than 10 Seconds.It Is Extremely Easy To Use. You Don’t Need Any Prior Tech Knowledge To Download Any Image, Video Or Gif From Pinterest With Pinterest Image And Video Downloader. Here’s How You Can Do It. <a href="https://pinterestvideodownloader.site/">pinterest story downloader</a>

Comment 13

[Umair]

Downloadhub is the best platform where you can download movies without any cost. This website has a lot of movies in different languages, it makes your life more comfortable than other. From this site you can <a href="https://downloadhubmovie.com/">hd movie download hub</a> all types of movies without any cost. You don't need to pay money for downloading here, but the only thing is that you should register with the site or log in if you already have an account. The website link is given next:

Comment 14

[instar]

If you're experiencing difficulties logging into Pinterest using the Facebook social network on Firefox with FPI (Firefox's First-Party Isolation) enabled, it's possible that the FPI feature is causing the issue. First-Party Isolation is a privacy feature in Firefox that separates website data from different domains, aiming to enhance user privacy and security.

However, this feature can sometimes interfere with certain functionalities that rely on cross-domain communication, such as logging in using Instagram on Pinterest. In this case, you may need to adjust your Firefox settings to temporarily disable FPI or make specific adjustments for Pinterest to work properly.

Comment 15

[fdfdr]

Disable FPI for Pinterest (Not Recommended for Privacy):

Open a new tab in Firefox.
Type about:config in the address bar and press Enter.
Search for privacy.firstparty.isolate.
Double-click on the privacy.firstparty.isolate preference to set it to false.
Note: Disabling FPI may improve login functionality but reduces your privacy protection.

Try Another Browser or Profile: https://newtoki.me/

If you encounter persistent issues with Pinterest and Facebook login in Firefox with FPI enabled, consider using another browser (e.g., Chrome) or using a separate Firefox profile without FPI for Pinterest access.

Comment 16

[fdsg]

Check DNS Configuration:

Ensure that your network's DNS settings are correctly configured. The DNS server(s) should be reachable from your network.
Verify that your DNS server(s) can resolve hostnames correctly. You can test this by using the nslookup or dig command from a command prompt or terminal.
Flush DNS Cache:

On the device where you are experiencing the issue, you can try flushing the DNS cache. The command to do this varies depending on your operating system:
On Windows, open a Command Prompt with administrative privileges and run: ipconfig /flushdns
https://idm-crack.com/

Comment 17

[fdgfdd]

If you're experiencing issues logging into Pinterest using your Facebook account while using Firefox with First-Party Isolation (FPI) enabled, it could be related to how FPI restricts cross-site tracking and interactions. Here are some steps to troubleshoot and potentially resolve the issue:

Check FPI Settings:

Ensure that First-Party Isolation is indeed enabled in your Firefox settings. You can check this by typing about:config in your Firefox address bar and searching for privacy https://aussiedoodlemoon.com/aussie-poo-dog/.firstparty.isolate. It should be set to "true."
Temporary Disable FPI (for Testing):

As a test, you can temporarily disable FPI to see if that resolves the issue. You can do this by setting privacy.firstparty.isolate to "false" in about:config. However, keep in mind that disabling FPI may reduce your privacy protections.

Comment 18

[Tom Ritter [:tjr] (OOTO until 4/30 at least)]

Flagging this bug as it has been accumulated a lot of spam. Can we restrict comments?