Created attachment 8929879 [details] FF bug empty page.jpg User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0 Build ID: 20171112125346 Steps to reproduce: I am on Pinterest, I left click on a link, it opens up a new tab and connects me to the link I clicked on. I am unaware of other sites it happens on. Actual results: When the new tab opens, Firefox acts like it opened the page, the link address does appear in the web address, however the page is blank. I read through some bugs, I did try the R click and tell it to open in a new tab and that does seem to work, however, that is not how it used to work. Expected results: The page should have fully opened in a new tab when I L click on the link. FYI, this issue is on all 3 of my laptops with the new FF 57.0 update. I am running Windows 7 on 2 laptops and Windows 10 on 1 laptop.
Tested on Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0 Build ID:20171112125346 and it seems there is a sandbox issue here. It was observed that when redirecting from a "https://" page to a "http" url page (with security.sandbox.content.level = 3 as default in FF) the browser returns a Content Security Policy - "Coudn't parse invalid host" and ignoring the specified page link. By changing the value of the security.sandbox.content.level to 2, the redirect is done successfully. Barb Stewart - Thank you for reporting it.
Status: UNCONFIRMED → NEW
Component: Untriaged → Security: Process Sandboxing
Ever confirmed: true
OS: Unspecified → All
Product: Firefox → Core
Hardware: Unspecified → All
Summary: I open a new tab from a link and the page does not open, I come up with a blank page. → Https to Http redirect does not work on sandbox level 3 (default)
Additional STR: 1. Go to https://ro.pinterest.com/pin/647251777668683572/ 2. Click on the image Actual: As the reporter mentioned - the redirect page is not loaded (blank) Error in Console: Content Security Policy: Couldn’t parse invalid host 'report-sample' (unknown) Content Security Policy: Ignoring “https://ro.pinterest.com” within script-src: ‘strict-dynamic’ specified
status-firefox57: --- → affected
status-firefox58: --- → affected
status-firefox59: --- → affected
Which image needs to be clicked on that page? There are several images.
(In reply to Alex Gaynor [:Alex_Gaynor] from comment #3) > Which image needs to be clicked on that page? There are several images. The link from Step 1 will redirect you to a single image, once you are logged in.
Tracy, can you please try to reproduce.
(In reply to Jim Mathies [:jimm] from comment #5) > Tracy, can you please try to reproduce. regression range too if possible!
I am unable to reproduce this on 57 nor only 59 Nightly on Windows 10 (both 64 bit builds) Alin, are you reproducing in a clean profile? If so, can you find the regression range?
Flags: needinfo?(twalker) → needinfo?(alin.deac)
Created attachment 8935024 [details] pinterest loading image issue.webm Managed to reproduce the issue on Windows 7 & 10 on 57 Release, on clean profiles (even without logging in, as i mentioned above, in comment 4) by clicking on any images (used the first 3 images after accessing https://ro.pinterest.com/pin/647251777668683572/). Attached screen-record. Hope this helps. Thank you.
Hey Dean, would you please try to generate some http logging for this? https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging?redirectlocale=en-US&redirectslug=HTTP_Logging Also, about:support text please.
Hi Jim, here is the link with the information you requested (About:support text and Http activity log) https://drive.google.com/drive/folders/1KVsuiSvw7qSum0zyKMGKTcl1ZGZQ9GLa?usp=sharing
Can't reproduce on Win7 using Nightly 59.
Can't reproduce in 57.0.2 on Win7 as well.
Deac, are you running any type of anti-virus software on your device?
We are using Kaspersky Endpoint Security 10 Version 10.3.0.6294 as default anti-virus software.
(In reply to Deac Alin-Desktop Engineering QA from comment #14) > We are using Kaspersky Endpoint Security 10 Version 10.3.0.6294 as default > anti-virus software. Can you reproduce if you disable the antivirus?
(In reply to Marco Castelluccio [:marco] from comment #15) > Can you reproduce if you disable the antivirus? Hi guys, we cannot disable the antivirus on our work stations, but I managed to find one station, without any antivirus installed yet. Retested the issue on latest Nightly (with no antivirus) Version 57.0.3 Build ID 20171226083017 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0 and managed to reproduce the issue as described above (Comment 2 and 10), with same error returned in console. Hope this helps.
Sorry, I meant latest Release 57 (not Nightly).
Deac, can you please post about:support text for an affected system? Thanks. I still can't repro, specifically on this page - https://ro.pinterest.com/pin/372461831663181316/ This first page is https. Clicking on the field image will open an http site in a background tab. This tab loads properly for me.
Flags: needinfo?(jmathies) → needinfo?(alin.deac)
Priority: -- → P3
Created attachment 8943576 [details] video of the issue 01.18.2018 Hi Jim, I already shared about:support text in comment 10, but I will post it again as an attachment and also a new screen record made today (reproducing the issue) on latest Release. Hoping that it will help reproducing the problem on your end. Thank you
You need to log in before you can comment on or make changes to this bug.