If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Microsoft Account creation for Azure impossible, captcha page doesn't show captcha

RESOLVED INVALID

Status

()

Firefox
Untriaged
RESOLVED INVALID
4 months ago
4 months ago

People

(Reporter: jonas, Unassigned)

Tracking

54 Branch
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

4 months ago
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:54.0) Gecko/20100101 Firefox/54.0
Build ID: 20170418074700

Steps to reproduce:

1. Clear cookies for live.com / microsoft.com / outlook.com
2. Go to this link (signup for a free new Microsoft Azure account) https://account.azure.com/signup?offer=ms-azr-0044p&appId=102&redirectURL=https%3a%2f%2fazure.microsoft.com%2fen-us%2fget-started%2fwebinar%2f&l=en-us&correlationId=a49b1298-9824-4146-98e7-cec223a936d3
3. Enter a new personal e-mail address which can receive e-mails (not a Microsoft / hotmail address! I think it must be another provider) and click "Next"
4. Enter the code you receive to the entered e-mail address and click "Next"
5. You will now see a blank page with "Previous" / "Next" buttons


Actual results:

Page with blank content area and useless "Next" button, it is impossible to proceed


Expected results:

Captcha shows up which can be entered correctly and then "Next" works (compare how this process works in Chromium)
Please ask the site in question for help.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 4 months ago
Resolution: --- → INVALID
(Reporter)

Comment 2

4 months ago
For what it's worth: during the process, a lot of errors "Strict-Transport-Security: The site specified a header that could not be parsed successfully.[Learn More]" pop up on the console. Sadly, the according requests don't show up on the network tab, so I cannot tell how the unparseable header actually looks like and whether this is a site bug or a firefox problem.
(Reporter)

Comment 3

4 months ago
Ah, I guess this might be the SHA1 problem again which I ran into here #1297467 , or at least related
(Reporter)

Comment 4

4 months ago
Ok for what it's worth, I just tested and set security.pki.sha1_enforcement_level to "0" and this doesn't fix it (unlike bug #1297467 ). Therefore, this appears to be something else than Microsoft still using SHA1 certs on some sites.
You need to log in before you can comment on or make changes to this bug.