Closed
Bug 1496081
Opened 7 years ago
Closed 5 years ago
Images are broken on hootsuite.com while Tracking Protection Basic is enabled
Categories
(Core :: Privacy: Anti-Tracking, defect, P3)
Tracking
()
RESOLVED
DUPLICATE
of bug 1628176
People
(Reporter: oanaarbuzov, Unassigned)
References
(Blocks 1 open bug, )
Details
(Whiteboard: [tp-content][tp-yellowlist-active][tp-shim-content][tp-embedded-media])
User Story
cloudfront.net
Attachments
(2 files)
[Environment:]
Browser / Version: Firefox Nightly 64.0a1 (2018-10-02)
Operating System: Windows 10 Pro
[Prerequisites:]
1. Tracking Protection Basic enabled.
2. Account created here https://hootsuite.com/create-free-account and signed in.
3. Permission to access Twitter allowed.
[Steps to Reproduce:]
1. Navigate to https://hootsuite.com/dashboard
2. Scroll down the page and observe Twitter post.
[Expected Behavior:]
Images are displayed.
[Actual Behavior:]
Images are not displayed (from posts/account pictures/video preview).
| Reporter | ||
Comment 1•7 years ago
|
||
The issue is related to `Images` breakage.
Looking at the devtools console, here are the blocked resources:
The resource at “https://www.googletagmanager.com/gtm.js?id=GTM-NSJRPB” was blocked because content blocking is enabled.
The resource at “https://www.googletagservices.com/tag/js/gpt.js” was blocked because content blocking is enabled.
The resource at “https://pbs.twimg.com/profile_images/1013900205316452353/zMu3QYXM_normal.jpg” was blocked because content blocking is enabled.
The resource at “https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png” was blocked because content blocking is enabled.
So below are the domains to test:
- www.googletagmanager.com
- www.googletagservices.com
- pbs.twimg.com
- abs.twimg.com
I opened the URL in a fresh browser profile (Firefox Nightly 64, uMatrix installed, normal mode) and loaded the page. The images are not displayed.
I disabled the Spoof Referrer option in uMatrix and then WHITELISTED:
- d12qyuqyvqjkw5.cloudfront.net (including related domains)
and the images are displayed.
The other resources didn't help.
So in conclusion:
- cloudfront.net is in Content category = [tp-content]
User Story: (updated)
Whiteboard: [tp-content]
| Reporter | ||
Comment 2•7 years ago
|
||
Added uMatrix results.
Comment 3•7 years ago
|
||
(In reply to Oana Arbuzov [:oanaarbuzov] from comment #1)
> So in conclusion:
> - cloudfront.net is in Content category = [tp-content]
That's an odd one.
This is not actually blocked in basic mode, therefore, this site should not be broken when using the standard list.
We'll need to investigate further.
Component: Desktop → Tracking Protection
Product: Tech Evangelism → Firefox
Version: Firefox 64 → 64 Branch
Updated•6 years ago
|
URL: https://hootsuite.com/dashboard → https://hootsuite.com/dashboard
Component: Protections UI → Privacy: Anti-Tracking
Product: Firefox → Core
Comment 4•6 years ago
|
||
This is another case where we ought to be able to shim platform.js to detect Twitter posts/images/etc, and let the user opt into yellow-listing them with a simple placeholder UI.
Blocks: tp-twitter
Updated•6 years ago
|
Whiteboard: [tp-content] → [tp-content][tp-yellowlist-active][tp-shim-content][tp-embedded-media]
Comment 5•5 years ago
|
||
If embedded Twitter contents require cookies from twitter.com (third party cookie) to embed contents, this is the right behavior.
You need to log in
before you can comment on or make changes to this bug.
Description
•