Closed Bug 1496081 Opened 7 years ago Closed 5 years ago

Images are broken on hootsuite.com while Tracking Protection Basic is enabled

Categories

(Core :: Privacy: Anti-Tracking, defect, P3)

64 Branch
x86_64
Windows 10
defect

Tracking

()

RESOLVED DUPLICATE of bug 1628176

People

(Reporter: oanaarbuzov, Unassigned)

References

(Blocks 1 open bug, )

Details

(Whiteboard: [tp-content][tp-yellowlist-active][tp-shim-content][tp-embedded-media])

User Story

cloudfront.net

Attachments

(2 files)

Attached image BrokenImages.png
[Environment:] Browser / Version: Firefox Nightly 64.0a1 (2018-10-02) Operating System: Windows 10 Pro [Prerequisites:] 1. Tracking Protection Basic enabled. 2. Account created here https://hootsuite.com/create-free-account and signed in. 3. Permission to access Twitter allowed. [Steps to Reproduce:] 1. Navigate to https://hootsuite.com/dashboard 2. Scroll down the page and observe Twitter post. [Expected Behavior:] Images are displayed. [Actual Behavior:] Images are not displayed (from posts/account pictures/video preview).
The issue is related to `Images` breakage. Looking at the devtools console, here are the blocked resources: The resource at “https://www.googletagmanager.com/gtm.js?id=GTM-NSJRPB” was blocked because content blocking is enabled. The resource at “https://www.googletagservices.com/tag/js/gpt.js” was blocked because content blocking is enabled. The resource at “https://pbs.twimg.com/profile_images/1013900205316452353/zMu3QYXM_normal.jpg” was blocked because content blocking is enabled. The resource at “https://abs.twimg.com/sticky/default_profile_images/default_profile_normal.png” was blocked because content blocking is enabled. So below are the domains to test: - ​www.googletagmanager.com - ​www.googletagservices.com - ​pbs.twimg.com - ​abs.twimg.com I opened the URL in a fresh browser profile (Firefox Nightly 64, uMatrix installed, normal mode) and loaded the page. The images are not displayed. I disabled the Spoof Referrer option in uMatrix and then WHITELISTED: - d12qyuqyvqjkw5.cloudfront.net (including related domains) and the images are displayed. The other resources didn't help. So in conclusion: - cloudfront.net is in Content category = [tp-content]
User Story: (updated)
Whiteboard: [tp-content]
Attached image uMatrixResults.png
Added uMatrix results.
(In reply to Oana Arbuzov [:oanaarbuzov] from comment #1) > So in conclusion: > - cloudfront.net is in Content category = [tp-content] That's an odd one. This is not actually blocked in basic mode, therefore, this site should not be broken when using the standard list. We'll need to investigate further.
Component: Desktop → Tracking Protection
Product: Tech Evangelism → Firefox
Version: Firefox 64 → 64 Branch
URL: https://hootsuite.com/dashboardhttps://hootsuite.com/dashboard
Component: Protections UI → Privacy: Anti-Tracking
Product: Firefox → Core

This is another case where we ought to be able to shim platform.js to detect Twitter posts/images/etc, and let the user opt into yellow-listing them with a simple placeholder UI.

Blocks: tp-twitter
Whiteboard: [tp-content] → [tp-content][tp-yellowlist-active][tp-shim-content][tp-embedded-media]

If embedded Twitter contents require cookies from twitter.com (third party cookie) to embed contents, this is the right behavior.

No longer blocks: tp-twitter
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: