1484183 - Embedded Facebook video is not displayed on thedrive.com while Tracking Protection Basic is enabled

Status: RESOLVED DUPLICATE of bug 1265457

(Web Compatibility :: Site Reports, defect, P3)

Description

[Oana Arbuzov [:oanaarbuzov]]

Attachment: VIdeoMissing.png

[Environment:]
Browser / Version: Firefox Nightly 63.0a1 (2018-08-16)
Operating System: Windows 10 Pro

[Prerequisites:]
    1. Tracking Protection Basic enabled.
[Steps to Reproduce:]
    1. Navigate to   http://www.thedrive.com/news/9195/watch-thieves-use-a-toyota-tundra-as-a-battering-ram-in-a-gun-store-robbery 
    2. Observe the page.
        
[Expected Behavior:]
Video player is displayed and video can be player.
 
[Actual Behavior:]
Video player is not displayed.

Comment 1

[Oana Arbuzov [:oanaarbuzov]]

The issue is related to `tpvideo` breakage.

Looking at the devtools console, here are the blocked resources:
The resource at “http://s.skimresources.com/js/58287X1565894.skimlinks.js” was blocked because tracking protection is enabled.
The resource at “https://connect.facebook.net/en_US/fbevents.js” was blocked because tracking protection is enabled.
The resource at “http://edge.quantserve.com/quant.js” was blocked because tracking protection is enabled.
The resource at “http://static.yieldmo.com/ym.m5.js” was blocked because tracking protection is enabled.
The resource at “http://www.googletagservices.com/tag/js/gpt.js” was blocked because tracking protection is enabled.
The resource at “http://c.amazon-adsystem.com/aax2/apstag.js” was blocked because tracking protection is enabled.
The resource at “https:///getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID” was blocked because tracking protection is enabled.
The resource at “http://sync.search.spotxchange.com/partner?source=211945” was blocked because tracking protection is enabled.
The resource at “https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID” was blocked because tracking protection is enabled.
The resource at “https://idsync.rlcdn.com/462056.gif?partner_uid=e6a56874-6841-482b-b2d8-287a3709d34e” was blocked because tracking protection is enabled.
he resource at “https://api.segment.io/v1/p” was blocked because tracking protection is enabled.
The resource at “http://www.googletagmanager.com/gtm.js?id=GTM-K8GZZJG&l=dataLayer” was blocked because tracking protection is enabled.
The resource at “http://www.google-analytics.com/analytics.js” was blocked because tracking protection is enabled.
The resource at “http://static.chartbeat.com/js/chartbeat.js” was blocked because tracking protection is enabled.

So below are the domains to test:
- s.skimresources.com
- connect.facebook.net
- edge.quantserve.com
- static.yieldmo.com
- www.googletagservices.com
- c.amazon-adsystem.com
- ib.adnxs.com
- getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
- sync.search.spotxchange.com
- ads.pubmatic.com
- idsync.rlcdn.com
- api.segment.io
- www.googletagmanager.com
- www.google-analytics.com
- static.chartbeat.com

I opened the URL in a fresh browser profile (Firefox Nightly 63, uMatrix installed, normal mode) and loaded the page. The page is black.

I disabled the Spoof Referrer option in uMatrix and then WHITELISTED:
- cloudfront.net (with all related domains)
- facebook.com (with all related domains)
- facebook.net (with all related domains)
and the video player is shown but the video can't be played.

I whitelisted:
- fbcdn.net (with all related domains)
and the video can be played.

The other resources didn't help. 

So in conclusion:
- cloudfront.net is in Content category = [tp-content]
- facebook.com is in Disconnect category = [tp-social]

Comment 2

[Oana Arbuzov [:oanaarbuzov]]

Attachment: uMatrixResults.png

Added uMatrxi results.