Closed Bug 1486586 Opened Last year Closed Last year

Please make it easier to create an account / login without javascript

Categories

(bugzilla.mozilla.org :: General, defect)

Production
defect
Not set

Tracking

()

RESOLVED WONTFIX

People

(Reporter: traumschuleriebau, Unassigned)

Details

> what happens when you try to create an account?

On https://bugzilla.mozilla.org/createaccount.cgi i see:

> Account Creation Restricted
> User account creation has been restricted. Contact your administrator
> or the maintainer (bugzilla-admin@mozilla.org) for information about
> creating an account.
> Please press Back and try again.

The Console unveils following js errors. Maybe it should tell that js is needed?

<pre>
Content Security Policy: Couldn’t process unknown directive ‘report-to’
Content Security Policy: Ignoring “'unsafe-inline'” within script-src
or style-src: nonce-source or hash-source specified Content Security
Policy: This site (https://bugzilla.mozilla.org) has a Report-Only
policy without a report URI. CSP will not block and cannot report
violations of this policy. Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/jquery-min.js”.
createaccount.cgi:28 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/ui/jquery-ui-min.js”.
createaccount.cgi:28 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/yui.js”.
createaccount.cgi:28 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/cookie/cookie-min.js”.
createaccount.cgi:28 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/devbridgeAutocomplete/devbridgeAutocomplete-min.js”.
createaccount.cgi:28 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/global.js”.
createaccount.cgi:28 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/dropdown.js”.
createaccount.cgi:28 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/analytics.js”.
createaccount.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/dnt-helper.js”.
createaccount.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/util.js”.
createaccount.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/lib/md5.min.js”.
createaccount.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/Review/web/js/badge.js”.
createaccount.cgi:38 Loading failed for the <script> with source
“https://www.google-analytics.com/analytics.js”. createaccount.cgi:45
Content Security Policy: The page’s settings blocked the loading of a
resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/jquery-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/ui/jquery-ui-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/yui.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/cookie/cookie-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/devbridgeAutocomplete/devbridgeAutocomplete-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/global.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/dropdown.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at self (“script-src”). Source:
YAHOO.namespace('bugzilla'); .... createaccount.cgi:30 Content Security
Policy: The page’s settings blocked the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/analytics.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/dnt-helper.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/util.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/lib/md5.min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/Review/web/js/badge.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://www.google-analytics.com/analytics.js (“script-src”).
</pre>

I would like to not use external js from google for example.

> If you already have a GitHub account, I would recommend using the
> "login with GitHub" option on https://bugzilla.mozilla.org/login and
> then proceed to file your bug report.

- In the existing window i clicked on "Log In" and saw

> Invalid Email Address
> The e-mail address you entered
> (<redacted my correct email address>?GoAheadAndLogIn=1) didn't pass our syntax
> checking for a legal email address. A legal address must contain
> exactly one '@', and at least one '.' after the @, and may not contain
> any commas or spaces. It also must not contain any illegal characters.
> Please press Back and try again.

- got to "Log In"
- clicked on "Sign in with Github"

> Bugzilla has suffered an internal error:
> Bugzilla prevented you from logging in from a page containing private information.

- I repeated above steps, authorized mozilla on github and saw

> Account Not In Bugzilla
> The email '<email address redacted>' was not found in Bugzilla and will need to be created to log in. Create Account

The log shows:

<pre>
Content Security Policy: Couldn’t process unknown directive ‘report-to’
Content Security Policy: Ignoring “'unsafe-inline'” within script-src
or style-src: nonce-source or hash-source specified Content Security
Policy: This site (https://bugzilla.mozilla.org) has a Report-Only
policy without a report URI. CSP will not block and cannot report
violations of this policy. Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/jquery-min.js”.
github.cgi:24 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/ui/jquery-ui-min.js”.
github.cgi:24 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/yui.js”.
github.cgi:24 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/cookie/cookie-min.js”.
github.cgi:24 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/devbridgeAutocomplete/devbridgeAutocomplete-min.js”.
github.cgi:24 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/global.js”.
github.cgi:24 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/dropdown.js”.
github.cgi:24 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/analytics.js”.
github.cgi:34 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/dnt-helper.js”.
github.cgi:34 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/util.js”.
github.cgi:34 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/lib/md5.min.js”.
github.cgi:34 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/Review/web/js/badge.js”.
github.cgi:34 Loading failed for the <script> with source
“https://www.google-analytics.com/analytics.js”. github.cgi:41 Content
</pre>

- I clicked on "Create Account" again and was logged in. Maybe the page
needed a reload without js.

- Choosing "File a bug" it finally said:

> You require JavaScript to use this bug entry form.
> Please use the advanced bug entry form.

Log:

<pre>
Security Policy: The page’s settings blocked the loading of a resource
at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/jquery-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/ui/jquery-ui-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/yui.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/cookie/cookie-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/devbridgeAutocomplete/devbridgeAutocomplete-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/global.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/dropdown.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at self (“script-src”). Source:
YAHOO.namespace('bugzilla'); .... github.cgi:26 Content Security
Policy: The page’s settings blocked the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/analytics.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/dnt-helper.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/util.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/lib/md5.min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/Review/web/js/badge.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://www.google-analytics.com/analytics.js (“script-src”).
</pre>
- I followed the link to https://bugzilla.mozilla.org/enter_bug.cgi?format=__default__ 

- Choose Firefox, it opened the form, yay! Errors in the log:

<pre>
Content Security Policy: Couldn’t process unknown directive ‘report-to’
Content Security Policy: Ignoring “'unsafe-inline'” within script-src
or style-src: nonce-source or hash-source specified Content Security
Policy: This site (https://bugzilla.mozilla.org) has a Report-Only
policy without a report URI. CSP will not block and cannot report
violations of this policy. Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/jquery-min.js”.
enter_bug.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/ui/jquery-ui-min.js”.
enter_bug.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/yui.js”.
enter_bug.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/cookie/cookie-min.js”.
enter_bug.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/devbridgeAutocomplete/devbridgeAutocomplete-min.js”.
enter_bug.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/contextMenu/contextMenu-min.js”.
enter_bug.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/global.js”.
enter_bug.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/dropdown.js”.
enter_bug.cgi:38 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/attachment.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/util.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/field.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/TUI.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/bug.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/create_bug.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/BMO/web/js/edituser_menu.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/analytics.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/dnt-helper.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/util.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/lib/md5.min.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/Review/web/js/badge.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/Review/web/js/review.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/extensions/TrackingFlags/web/js/tracking_flags.js”.
enter_bug.cgi:128 Loading failed for the <script> with source
“https://www.google-analytics.com/analytics.js”. enter_bug.cgi:135
Content Security Policy: The page’s settings blocked the loading of a
resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/jquery-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/ui/jquery-ui-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/yui.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/cookie/cookie-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/devbridgeAutocomplete/devbridgeAutocomplete-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/jquery/plugins/contextMenu/contextMenu-min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/global.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/dropdown.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at self (“script-src”). Source:
YAHOO.namespace('bugzilla'); .... enter_bug.cgi:40 Content Security
Policy: The page’s settings blocked the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/attachment.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/util.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/field.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/TUI.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/bug.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/create_bug.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/BMO/web/js/edituser_menu.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/analytics.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/GoogleAnalytics/web/js/dnt-helper.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/js/lib/md5.min.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/Review/web/js/badge.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/Review/web/js/review.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://bugzilla.mozilla.org/static/v20180808.1/extensions/TrackingFlags/web/js/tracking_flags.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at
https://www.google-analytics.com/analytics.js (“script-src”). Content
Security Policy: The page’s settings blocked the loading of a resource
at self (“script-src”). Source: $(function() { init(); }); .
enter_bug.cgi:140 Content Security Policy: The page’s settings blocked
the loading of a resource at self (“script-src”). Source: <!--

function init() {
  set_assign_to....
enter_bug.cgi:292
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onsubmit attribute on FORM
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onsubmit attribute on FORM element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onclick attribute
on INPUT element. enter_bug.cgi Content Security Policy: The page’s
settings observed the loading of a resource at self (“script-src”). A
CSP report is being sent. Source: onclick attribute on INPUT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source:
YAHOO.util.Dom.removeClass('exp.... enter_bug.cgi:821 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: <!-- //--> ....
enter_bug.cgi:979
Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/flag.js”.
enter_bug.cgi:1853 Loading failed for the <script> with source
“https://bugzilla.mozilla.org/static/v20180808.1/js/flag.js”.
enter_bug.cgi:2965 Content Security Policy: The page’s settings blocked
the loading of a resource at self (“script-src”). Source: <!--
          initHidingOption....
enter_bug.cgi:1156
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: <!--
          initHidingOption....
enter_bug.cgi:1237
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: <!--
          initHidingOption....
enter_bug.cgi:1406
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onclick attribute on A
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onclick attribute on A element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onclick attribute on A
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onclick attribute on A element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: <!-- initHidingOption....
enter_bug.cgi:1526 Content Security Policy: The page’s settings blocked
the loading of a resource at self (“script-src”). Source: var
dt_columns = [ ....
enter_bug.cgi:1671
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onclick attribute on DIV
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onclick attribute on DIV element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onclick attribute on DIV
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onclick attribute on DIV element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onfocus attribute on TEXTAREA
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onfocus attribute on TEXTAREA element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onclick attribute
on INPUT element. enter_bug.cgi Content Security Policy: The page’s
settings observed the loading of a resource at self (“script-src”). A
CSP report is being sent. Source: onclick attribute on INPUT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onclick attribute
on INPUT element. enter_bug.cgi Content Security Policy: The page’s
settings observed the loading of a resource at self (“script-src”). A
CSP report is being sent. Source: onclick attribute on INPUT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source:
document.addEventListener("DOMContent.... enter_bug.cgi:1762 Content
Security Policy: The page’s settings blocked the loading of a resource
at self (“script-src”). Source: onkeyup attribute on TEXTAREA element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onkeyup attribute on TEXTAREA element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onblur attribute on TEXTAREA
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onblur attribute on TEXTAREA element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: $(function()
{ $("#data").... enter_bug.cgi:1808 Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: onchange attribute on SELECT element. enter_bug.cgi Content
Security Policy: The page’s settings observed the loading of a resource
at self (“script-src”). A CSP report is being sent. Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on INPUT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on INPUT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at https://bugzilla.mozilla.org/static/v20180808.1/js/flag.js
(“script-src”). Content Security Policy: The page’s settings blocked
the loading of a resource at self (“script-src”). Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings observed the loading of a resource at self
(“script-src”). A CSP report is being sent. Source: onchange attribute
on SELECT element. enter_bug.cgi Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: REVIEW.init_review_flag('flag_type-74.... enter_bug.cgi:1895
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onchange attribute on SELECT
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings observed the loading of a resource at self
(“script-src”). A CSP report is being sent. Source: onchange attribute
on SELECT element. enter_bug.cgi Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: onchange attribute on SELECT element. enter_bug.cgi Content
Security Policy: The page’s settings observed the loading of a resource
at self (“script-src”). A CSP report is being sent. Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onchange attribute on SELECT
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings observed the loading of a resource at self
(“script-src”). A CSP report is being sent. Source: onchange attribute
on SELECT element. enter_bug.cgi Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: onchange attribute on SELECT element. enter_bug.cgi Content
Security Policy: The page’s settings observed the loading of a resource
at self (“script-src”). A CSP report is being sent. Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onchange attribute on SELECT
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings observed the loading of a resource at self
(“script-src”). A CSP report is being sent. Source: onchange attribute
on SELECT element. enter_bug.cgi Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: <!-- initHidingOption.... enter_bug.cgi:2532 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: <!-- initHidingOption.... enter_bug.cgi:2612
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onclick attribute on INPUT
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onclick attribute on INPUT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onclick attribute
on INPUT element. enter_bug.cgi Content Security Policy: The page’s
settings observed the loading of a resource at self (“script-src”). A
CSP report is being sent. Source: onclick attribute on INPUT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings observed the loading of a resource at self
(“script-src”). A CSP report is being sent. Source: onchange attribute
on SELECT element. enter_bug.cgi Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: initHidingOptionsForIE('cf_pl.... enter_bug.cgi:2685 Content
Security Policy: The page’s settings blocked the loading of a resource
at self (“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_tr.... enter_bug.cgi:2705 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_tr.... enter_bug.cgi:2725 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_st.... enter_bug.cgi:2745 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_tr.... enter_bug.cgi:2765 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_st.... enter_bug.cgi:2785 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_tr.... enter_bug.cgi:2805 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_st.... enter_bug.cgi:2841 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_tr.... enter_bug.cgi:2861 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_st.... enter_bug.cgi:2897 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_tr.... enter_bug.cgi:2917 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source:
initHidingOptionsForIE('cf_st.... enter_bug.cgi:2953 Content Security
Policy: The page’s settings blocked the loading of a resource at self
(“script-src”). Source: var tracking_flags_str = "{\"types\":....
enter_bug.cgi:2959 Content Security Policy: The page’s settings blocked
the loading of a resource at self (“script-src”). Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings observed the loading of a resource at self
(“script-src”). A CSP report is being sent. Source: onchange attribute
on SELECT element. enter_bug.cgi Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: onchange attribute on SELECT element. enter_bug.cgi Content
Security Policy: The page’s settings observed the loading of a resource
at self (“script-src”). A CSP report is being sent. Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onchange attribute on SELECT
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings observed the loading of a resource at self
(“script-src”). A CSP report is being sent. Source: onchange attribute
on SELECT element. enter_bug.cgi Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: onchange attribute on SELECT element. enter_bug.cgi Content
Security Policy: The page’s settings observed the loading of a resource
at self (“script-src”). A CSP report is being sent. Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: onchange attribute on SELECT
element. enter_bug.cgi Content Security Policy: The page’s settings
observed the loading of a resource at self (“script-src”). A CSP report
is being sent. Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings blocked the
loading of a resource at self (“script-src”). Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings observed the loading of a resource at self
(“script-src”). A CSP report is being sent. Source: onchange attribute
on SELECT element. enter_bug.cgi Content Security Policy: The page’s
settings blocked the loading of a resource at self (“script-src”).
Source: onchange attribute on SELECT element. enter_bug.cgi Content
Security Policy: The page’s settings observed the loading of a resource
at self (“script-src”). A CSP report is being sent. Source: onchange
attribute on SELECT element. enter_bug.cgi Content Security Policy: The
page’s settings blocked the loading of a resource at self
(“script-src”). Source: onchange attribute on SELECT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onchange attribute on SELECT element. enter_bug.cgi
Content Security Policy: The page’s settings blocked the loading of a
resource at self (“script-src”). Source: $(function() { var
tracking_flag_.... enter_bug.cgi:3376 Content Security Policy: The
page’s settings blocked the loading of a resource at self
(“script-src”). Source: onclick attribute on INPUT element.
enter_bug.cgi Content Security Policy: The page’s settings observed the
loading of a resource at self (“script-src”). A CSP report is being
sent. Source: onclick attribute on INPUT element. enter_bug.cgi Content
Security Policy: The page’s settings blocked the loading of a resource
at self (“script-src”). Source: $(function() { REVIEW.init_mand....
enter_bug.cgi:3437
</pre>

Finally writing the bug report i have no idea about the correct formatting.

Please add a link how to format a report that is available without js.
JavaScript is required to use the most features in Bugzilla. Even if the sign-in/up works without JavaScript, other parts won’t work. So unfortunately this can’t be solved.
Assignee: user-accounts → nobody
Status: UNCONFIRMED → RESOLVED
Closed: Last year
Component: User Accounts → General
Product: Bugzilla → bugzilla.mozilla.org
QA Contact: default-qa
Resolution: --- → WONTFIX
Version: unspecified → Production
Bug 1427844 is probably what you are looking for.
This is not correct for reporting bugs and other basic functionality.

I am using bugzilla without javascript and am happy to do so. No need to enable javascript.

Please respect the choices of people who help to make your product better.
You need to log in before you can comment on or make changes to this bug.