Closed
Bug 1475961
Opened 7 years ago
Closed 4 years ago
Unable to see the poll on thepioneerwoman.com while Tracking Protection Basic is enabled
Categories
(Web Compatibility :: Site Reports, defect, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: oanaarbuzov, Unassigned)
References
(Blocks 1 open bug, )
Details
(Whiteboard: [tp-analytics][tp-yellowlist-active][tp-shim-complex][tp-embedded-media][webcompat:sightline])
User Story
polldaddy.com
Attachments
(1 file)
|
34.79 KB,
image/png
|
Details |
uMatrxiResults.png
[Environment:]
Browser / Version: Firefox Nightly 63.0a1 (2018-07-15)
Operating System: Windows 10 Pro
[Prerequisites:]
1. Tracking Protection Basic enabled.
[Steps to Reproduce:]
1. Navigate to http://thepioneerwoman.com/fun-and-learning/poll-what-is-your-biggest-fear/
2. Observe the page.
[Expected Behavior:]
The poll is displayed.
[Actual Behavior:]
The poll is not displayed.
[Note:]
1. Also reproducible with Tracking Protection strict.
|
Reporter | |
Comment 1•7 years ago
|
||
Looking at the devtools console, here are the blocked resources:
The resource at “http://www.google-analytics.com/ga.js” was blocked because tracking protection is enabled.[Learn More] poll-what-is-your-biggest-fear
The resource at “http://disqus.com/forums/thepioneerwoman/count.js” was blocked because tracking protection is enabled.[Learn More] poll-what-is-your-biggest-fear
The resource at “http://assets.pinterest.com/js/pinit.js?ver=4.9.7” was blocked because tracking protection is enabled.[Learn More] poll-what-is-your-biggest-fear
The resource at “http://www.statcounter.com/counter/counter.js?ver=4.9.7” was blocked because tracking protection is enabled.[Learn More] poll-what-is-your-biggest-fear
The resource at “http://cdn.mouseflow.com/projects/39ea5c21-84db-43a5-9cd8-5fffbd69f200.js” was blocked because tracking protection is enabled.[Learn More] poll-what-is-your-biggest-fear
The resource at “http://1.gravatar.com/blavatar/7e9e6939abe6e8e1c144ccabe1f96642?s=50&d=https%3A%2F%2Fs2.wp.com%2Fi%2Flogo%2Fwpcom-gray-white.png” was blocked because tracking protection is enabled.[Learn More] poll-what-is-your-biggest-fear
The resource at “http://script.crazyegg.com/pages/scripts/0013/9249.js?425366” was blocked because tracking protection is enabled.[Learn More] poll-what-is-your-biggest-fear
So there were domains to test:
- www.google-analytics.com
- disqus.com
- assets.pinterest.com
- www.statcounter.com
- cdn.mouseflow.com
- 1.gravatar.com
- script.crazyegg.com
I opened the URL in a fresh browser profile (Firefox Nightly 63, uMatrix installed, normal mode) and loaded the page. The poll is not displayed.
I disabled the Spoof Referrer option in uMatrix and then whitelisted different combination of the domains but the poll was not displayed.
Thus I whitelisted:
- polldaddy.com (including static.polldaddy.com)
and the poll was displayed.
So in conclusion:
- polldaddy.com – Analytics = [tp-analytics]
|
|
Reporter | |
Comment 2•7 years ago
|
||
Added uMatrix results.
|
|
Reporter | |
Updated•7 years ago
|
Priority: -- → P3
|
Assignee | |
Updated•6 years ago
|
Product: Tech Evangelism → Web Compatibility
|
||
Comment 3•5 years ago
|
||
Polldaddy polls are thankfully loaded pretty simply; just add a script to the markup:
<script type="text/javascript" charset="UTF-8" src="//static.polldaddy.com/p/9434672.js"></script>
And similarly tell that script where to insert the poll:
<a name="pd_a_9434672"></a>
<div class="CSS_Poll PDS_Poll" id="PDI_container9434672" style="display:inline-block;"></div>
<div id="PD_superContainer"></div>
As such, we can pretty easily provide a UI for users allowing them to load the poll, by simply hijacking the script-load for scripts of the form //static.polldaddy.com/p/(\d+).js and replacing its content with something like this:
var src = document.currentScript.src;
var pollId = src.match(/.*\/(.*)\.js/)[1];
var container = document.querySelector(`#PDI_container${pollId}`);
var link = document.createElement("a");
link.innerText = "Click to load poll";
link.addEventListener("click", () => {
container.innerHTML = "";
// TODO: temporarily bypass tracking protection for the request this generates:
const script = document.createElement("script");
script.src = src;
document.head.appendChild(script);
});
container.appendChild(link);
If we're prefer, we could alternatively just write out a link like the <noscript> tag the site provides, possibly opening in a new tab:
<a href="https://poll.fm/9434672">Take Our Poll</a>
|
|
||
Updated•5 years ago
|
|
|
||
Updated•5 years ago
|
Whiteboard: [tp-analytics] → [tp-analytics][tp-yellowlist-active][tp-shim-complex][tp-embedded-media]
|
|
Reporter | |
Comment 5•4 years ago
|
||
The issue seems to be fixed, the poll is displayed both with ETP - Standard and Strict.
https://prnt.sc/w3ba68
Tested with:
Browser / Version: Firefox Nightly 86.0a1 (2020-12-14)
Operating System: Windows 10 Pro
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
|
||
Updated•3 months ago
|
Whiteboard: [tp-analytics][tp-yellowlist-active][tp-shim-complex][tp-embedded-media] → [tp-analytics][tp-yellowlist-active][tp-shim-complex][tp-embedded-media][webcompat:sightline]
You need to log in
before you can comment on or make changes to this bug.
Description
•