Open Bug 1336458 Opened 5 years ago Updated 2 years ago

[FirstPartyIsolation] Unable to login using Facebook on As.com

Categories

(Core :: DOM: Security, defect, P3)

defect

Tracking

()

Tracking Status
firefox51 --- unaffected
firefox52 --- unaffected
firefox53 --- unaffected
firefox54 --- affected

People

(Reporter: bogdan_maris, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [tor][domsecurity-backlog2][dfpi-ok])

[Affected versions]:
- Firefox 52 beta 2
- latest Dev Edition 53.0a2
- latest Nightly 54.0a1

[Affected platforms]:
- macOS 10.12.2
- Ubuntu 16.04 32-bit
- Windows 10 64-bit

[Steps to reproduce]:
1. Visit As.com and login using Facebook

[Expected result]:
- Login is successful.

[Actual result]:
- User was not successfully logged in with Facebook account.

[Regression range]:
- This is not a regression.
Depends on: 1319773
Whiteboard: [tor]
Priority: -- → P2
Whiteboard: [tor] → [tor][domsecurity-backlog2]
Priority: P2 → P3
With pref 'privacy.firstparty.isolate.restrict_opener_access' set to 'false' this is still reproducible. After entering facebook credentials and hitting login, as.com login webpage refreshes and does not login. Using Tor browser, the user is successfully logged in to As.com after entering Facebook credentials. 
Removing tracking status for 52 and 53 since this does not affect normal users.
See Also: → 1319728
This website can log in successfully when I disabled third party cookies. So, I believe that the login mechanism of 'as.com' is depending on third party cookies. And when we disable third party cookies, it will detect it and use a different way other than third party cookies to log in.
Whiteboard: [tor][domsecurity-backlog2] → [tor][domsecurity-backlog2][dfpi-ok]
You need to log in before you can comment on or make changes to this bug.