Closed Bug 1369053 Opened 7 years ago Closed 7 years ago

containers bugzilla github login

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Version:
55 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: maggus.staab, Unassigned)

References

(Blocks 1 open bug)

Details

(Whiteboard: [userContextId][domsecurity-backlog]) 

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55.0
Build ID: 20170531030204

Steps to reproduce:

I subscriped my FF nightly to the firefox container pilot feature.

the github login on https://bugzilla.mozilla.org doesnt work for me because of the different containers used.

STR
- assign github.com to a container
- dont assign a container for bugzilla.mozilla.org
- open https://bugzilla.mozilla.org/enter_bug.cgi (without a logged in session)
- click "sign in with github"


Actual results:

the login doesnt work (which is the right thing I guess because I explicitly defined different containers).

I dont see a error message or something which makes me as a stupid aware of the problem, that its not a problem from the website I am visiting (bugzilla.mozilla.org in this case) but its caused by my containers config.


Expected results:

to be honest I am not 100% sure.

as I guess its technically correct that the login doesnt work, it seems UX wise it needs some polish to make the user aware on how to solve this problem (or explain to him what the actual problem is).

After I assigned both domains to the very same container everything works again.
Component: Untriaged → Security
Product: Firefox → Core
Component: Security → DOM: Security
Blocks: ContextualIdentity
Whiteboard: [userContextId][domsecurity-backlog]
@maggus, given your steps to reproduce the feature is working as intended. Your GitHub and Bugzilla sessions are in separate containers, so you would not be able to use GitHub to login to a container unless you had a GitHub session in that container. 

As this is working as intended, I'm going to close this, and suggest opening a separate bug for the UX hinting you mentioned. Such a solution sounds like it would have to have knowledge about each container which might break some of the security assumptions about how those containers works.
Status: UNCONFIRMED → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
As Emma mentioned above, this behaviour is expected. In regards to the UI/UX improvements, please create an issue under the Containers test pilot github page [1].

[1] https://github.com/mozilla/testpilot-containers/issues/
You need to log in before you can comment on or make changes to this bug.