Unable to subscribe to mailing list on wasmweekly.news while Tracking Protection Basic is enabled
Categories
(Core :: Privacy: Anti-Tracking, defect, P3)
Tracking
()
People
(Reporter: oanaarbuzov, Unassigned)
References
(Blocks 1 open bug, )
Details
(Whiteboard: [webcompat][tp-ads][tp-yellowlist-active][tp-shim-content][tp-embedded-media])
User Story
list-manage.com
Attachments
(1 file)
67.92 KB,
image/png
|
Details |
[Environment:] Browser / Version: Firefox Nightly 64.0a1 (2018-09-11) Operating System: Windows 10 Pro, MacOS 10.13.6, Linux Ubuntu 16.04 [Prerequisites:] 1. Tracking Protection Basic enabled. [Steps to Reproduce:] 1. Navigate to https://wasmweekly.news/subscribe/ 2. Type in the email address. 3. Click “Subscribe” button and observe behavior. [Expected Behavior:] Email subscription is performed and a notification message is displayed. [Actual Behavior:] Nothing happens, email subscription is not performed.
Reporter | ||
Updated•6 years ago
|
Reporter | ||
Comment 1•6 years ago
|
||
The issue is related to `trackingprotection` breakage. Looking at the devtools console, here are the blocked resources: The resource at “https://beautify.us7.list-manage.com/subscribe/post-json?u=1e6e13d9f376ab2b22c458c4c&id=69d5c632a5&c=jQuery19007692056166240014_1536759978873&EMAIL=moz%40yahoo.com&b_5230bf0236a0adb19995a2eb4_0d4b4bbe45=&subscribe=&_=1536759978874” was blocked because content blocking is enabled. So below are the domains to test: - beautify.us7.list-manage.com I opened the URL in a fresh browser profile (Firefox Nightly 64, uMatrix installed, normal mode) and loaded the page. The subscription is not performed. I disabled the Spoof Referrer option in uMatrix and then WHITELISTED: - beautify.us7.list-manage.com - s3.amazonaws.com and the subscription was sent. The other resources didn't help. So in conclusion: - list-manage.com is in Advertising category = [tp-ads] - s3.amazonaws.com is not listed
Reporter | ||
Comment 2•6 years ago
|
||
Added uMatrix results.
Assignee | ||
Updated•5 years ago
|
Comment 3•5 years ago
|
||
Migrating Webcompat whiteboard priorities to project flags. See bug 1547409.
Comment 4•5 years ago
|
||
See bug 1547409. Migrating whiteboard priority tags to program flags.
Updated•5 years ago
|
Comment 5•4 years ago
|
||
When I click the subscribe button, this appears in the console:
The resource at “https://beautify.us7.list-manage.com/subscribe/post-json?u=1…bf0236a0adb19995a2eb4_0d4b4bbe45=&subscribe=&_=1586307537393” was blocked because content blocking is enabled. subscribe
And of course, whitelisting https://beautify.us7.list-manage.com/subscribe/post-json
fixes it.
This is a MailChimp service, and the page loads the script //s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
as part of the HTML, which is not being blocked. If we're worried about MailChimp tracking users, we should probably consider their AWS-served resources as well.
But one way or the other, based on their scripts, we could detect when mc-validate.js
is being loaded, and then run some code which will detect clicks on their subscribe buttons (<button type="submit" id="mc-embedded-subscribe">
, which will temporarily whitelist access to the post-json
landing during the clicks. Or we could feasibly shim that script entirely if we wish to block it by default in strict mode.
Updated•4 years ago
|
Reporter | ||
Comment 6•4 years ago
|
||
The issue no longer reproduces with ETP - Standard, I can subscribe to the newsletter.
https://prnt.sc/x7z7dj
Note: The issue still occurs with ETP - Strict enabled.
Tested with:
Browser / Version: Firefox Nightly 86.0a1 (2021-01-18)
Operating System: Windows 10 Pro
Updated•4 years ago
|
Updated•2 years ago
|
Description
•