Cannot log into AWS IAM account
Categories
(Core :: Privacy: Anti-Tracking, defect, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox66 | --- | unaffected |
firefox67 | --- | wontfix |
firefox68 | --- | fix-optional |
People
(Reporter: botsarehots, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: regression, Whiteboard: [tp-needsrepro])
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
Steps to reproduce:
Attempt to login to AWS IAM accout (At a url similar to: https://signin.aws.amazon.com/oauth?redirect_uri=STUFF)
Firefox 68.0a1 (2019-04-11) (64-bit)
Actual results:
Page did not appear to redirect after pressing login button.
Expected results:
Page should have redirected to AWS console for IAM user.
Comment 1•5 years ago
|
||
Hi, I've tested this on Mac OS X 10.14 with FF Nightly 68.0a1(2019-04-18) and I when I click on the link provided by you I have this error "{"error": "invalid_request","error_description": "Missing required parameter"}". The same behaviour is repro on Chrome. Can you please add more details in order to be able to retest this?
Reporter | ||
Comment 2•5 years ago
|
||
On Ubuntu MATE 18.04 LTS using Firefox Nightly 68.0a1 (2019-04-19) (64-bit)
- Go to https://aws.amazon.com/console/
- In the top right corner, click the "My Account" drop down menu.
- In the drop down menu click "AWS Management Console".
- Enter the account ID for your IAM user.
- Login on the next page with your IAM user.
- (Problem) When the button is pressed, the screen flashes, but does not redirect to the console.
It's difficult to provide a URL for this, because it contains a lot of information, likely specific to the session or user.
Comment 3•5 years ago
|
||
Thanks for your detailed steps, unfortunately, I don't have an IAM user to be able to reproduce this issue. I will set the component fro this issue.
Also, this issue is a regression, if you use FF Release 66.0.3 you are able to reproduce it?
Reporter | ||
Comment 4•5 years ago
|
||
Using Ubuntu MATE 18.04 LTS and Firefox 66.0.3 (64-bit)
I can successfully log into the AWS IAM console.
Comment 5•5 years ago
|
||
Would you be willing to help try to narrow down a more-specific culprit? Given the fact that I don't have an account, I can't find the regression.
If you're willing, we have a tool called mozregression that will automate the process of downloading various builds from during the Firefox 68 development cycle to narrow down the change that's causing problems. Information on the tool is available at http://mozilla.github.io/mozregression/. A command like |mozregression --good 2018-12-15 --bad-2019-04-18| should be enough to get started. Thanks!
Updated•5 years ago
|
Reporter | ||
Comment 6•5 years ago
|
||
Always happy to help debug in ways I am technically adept. I've installed mozregression and started doing this now.
Updated•5 years ago
|
Reporter | ||
Comment 7•5 years ago
|
||
mozregressoin passed for all versions.
The culprit of this issue appears to be in blocking tracking.
My Firefox Nightly version is configured to block all trackers in all windows (Level 1). This is on Firefox's "Preferences" --> "Privacy & Security" page.
When set to block tracking only in private windows, I can sign into my AWS IAM account in a non-private window.
As of now, it does not appear to me that this is a bug in Firefox itself. However, if it is possible to contact and get AWS to change whatever it is that catches on the tracking protection for IAM accounts OR change the tracking protection Level 1 to accept whatever AWS is doing in this specific case. That would be my preferred user experience as I enjoy the tracking protection in all windows.
Comment 8•5 years ago
|
||
Thanks very much for your help, there will be one more thing that you can do, open the latest Nightly 68.0a1 version and go to "Preferences" --> "Privacy & Security" page and from the Content Blocking section please select "Strict" and retest the issue.
Reporter | ||
Comment 9•5 years ago
|
||
Using Ubuntu MATE 18.04 LTS and Firefox Nightly 68.0a1 (2019-04-22)
I rechecked the issue with strict content blocking and I could successfully log in.
Comment 10•5 years ago
|
||
I will set the Tracking Protection component and I will NI? Johann, he's working on this and maybe he can take a look over this issue. Thanks botsarehots, for your testing and thanks Johann in advance for looking at this.
Updated•5 years ago
|
Updated•5 years ago
|
Comment 11•5 years ago
|
||
Thanks for the report, this seems to be breakage from Tracking Protection.
Updated•5 years ago
|
Comment 12•5 years ago
|
||
I don't have a fully working AWS account, but I am redirected to my semi-functional (without card info) account when I visit that link and try to log in while in strict mode, so is this perhaps working now, Johann?
Comment 13•5 years ago
|
||
Bugbug thinks this bug is a regression, but please revert this change in case of error.
Comment 14•4 years ago
|
||
Yeah I don't think I actually tried to reproduce the issue back then. :)
Comment 15•4 years ago
|
||
botsarehots, can you confirm if AWS IAM logins are still broken with tracking protection on, as per your original report?
Reporter | ||
Comment 16•4 years ago
|
||
(In reply to Thomas Wisniewski [:twisniewski] from comment #15)
botsarehots, can you confirm if AWS IAM logins are still broken with tracking protection on, as per your original report?
Using Firefox Nightly 77.0a1 (2020-04-22) on the same OS as the original bug report and "strict" tracking protection selected, I can login to my AWS IAM account normally.
Comment 17•4 years ago
|
||
Thanks, then let's close this for now.
Description
•