Images are not displayed on g1.globo.com while basic TP is ON
Categories
(Web Compatibility :: Site Reports, defect, P3)
Tracking
(Not tracked)
People
(Reporter: sergiu, Unassigned)
References
(Blocks 1 open bug, )
Details
(Whiteboard: [tp-social][tp-yellowlist-active][tp-shim-content][tp-embedded-media])
User Story
twimg.com twitter.com
Environment: Windows 10, Mozilla Firefox Nightly 63.0a1 (2018-07-15) (64-bit) STR: 1. Open Mozilla Firefox. 2. Turn ON basic tracking Protection. 3. Navigate to https://g1.globo.com/mundo/noticia/memes-da-copa-do-mundo-2018-nigeria-x-argentina.ghtml 4. Observe the images displayed. Expected results: 1. The images are displayed. Actual results: 1. The images are not displayed. Instead, some HTML code is. ex: "-< href="https://twitter.com/hashtag/ZicaPraArgentina?src=hash&ref_src=twsrc%5Etfw" url="https://twitter.com/hashtag/ZicaPraArgentina?src=hash&ref_src=twsrc%5Etfw">#ZicaPraArgentina> < href="https://twitter.com/hashtag/NGAAGR?src=hash&ref_src=twsrc%5Etfw" url="https://twitter.com/hashtag/NGAAGR?src=hash&ref_src=twsrc%5Etfw">#NGAAGR> "Nigéria x Argentina" < href="https://t.co/7WFBZcxmax" url="https://t.co/7WFBZcxmax">pic.twitter.com/7WFBZcxmax>"
Reporter | ||
Comment 1•6 years ago
|
||
Looking at the devtools console, here are the blocked resources: The resource at “https://tag.navdmp.com/tm13574.js” was blocked because tracking protection is enabled. The resource at “https://cdn.krxd.net/controltag/J2lZajxx.js” was blocked because tracking protection is enabled. The resource at “https://sb.scorecardresearch.com/c2/6035227/cs.js” was blocked because tracking protection is enabled. The resource at “https://connect.facebook.net/en_US/sdk.js” was blocked because tracking protection is enabled. The resource at “https://platform.twitter.com/widgets.js” was blocked because tracking protection is enabled. So there were domains to test: tag.navdmp.com cdn.krxd.net sb.scorecardresearch.com connect.facebook.net platform.twitter.com I opened the URL in a fresh browser profile (Firefox Nightly 63, uMatrix installed, normal mode) and loaded the page. The page is not loaded correctly. No images are displayed. I disabled the Spoof Referrer option in uMatrix and then whitelisted: glbimg.com twimg.com twitter.com After this, the images were displayed correctly. The other resources (tag.navdmp.com, cdn.krxd.net, sb.scorecardresearch.com, connect.facebook.net) didn't help. https://user-images.githubusercontent.com/16573771/42632380-a23b1e9a-85e5-11e8-8557-ae6ae2ee7ffd.png So in conclusion: glbimg.com - Not listed twimg.com - Twitter resources = [tp-social] twitter.com - Twitter resources = [tp-social]
Reporter | ||
Updated•6 years ago
|
Updated•6 years ago
|
Assignee | ||
Updated•5 years ago
|
Updated•5 years ago
|
Comment 2•4 years ago
|
||
The images I'm seeing are really embedded Twitter posts, and can be un-blocked by allowing resources from:
https://platform.twitter.com/
https://cdn.syndication.twimg.com/tweets.json
https://syndication.twitter.com/
https://abs.twimg.com/emoji/
https://pbs.twimg.com/
https://platform.twitter.com/
It's basically the same situation as in https://bugzilla.mozilla.org/show_bug.cgi?id=1485372#c4, and the shimming method there fixes the issue with a yellow-list opt in... but the site defines its own window.twttr object, which we'll have to account for in any shims (just save a reference to it, and restore it just before we load the real widgets.js
).
Updated•4 years ago
|
Comment 3•3 years ago
|
||
The issue is not reproducible with ETP - Standard, thus the issues can be closed.
https://prnt.sc/w39yu2
Note: The issue still occur with ETP - Strict (https://prnt.sc/w39u67) - https://bugzilla.mozilla.org/show_bug.cgi?id=1609867
Tested with:
Browser / Version: Firefox Nightly 86.0a1 (2020-12-14)
Operating System: Windows 10 Pro
Description
•