Closed Bug 1556827 Opened 1 year ago Closed 1 year ago

Unexpected error when attempting to follow login link on ppocu.org

Categories

(Core :: DOM: Security, defect, P3)

defect

Tracking

()

VERIFIED FIXED
mozilla69
Tracking Status
firefox-esr60 --- unaffected
firefox-esr68 69+ verified
firefox67 --- wontfix
firefox68 --- wontfix
firefox69 + verified

People

(Reporter: cclouse, Assigned: tnguyen)

References

(Blocks 1 open bug, Regression, )

Details

(Keywords: regression)

Attachments

(2 files, 1 obsolete file)

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 OPR/60.0.3255.109

Steps to reproduce:

Go to PPOCU.ORG
Click the first Home banking button

Actual results:

The Application has encountered an unexpected error.

If this error persists please contact Customer Support.
Error Information:
ErrorCode: 404
URI: /Centryx/servlet/com.sos.webteller.WebTellLogin
Cause: null

Tue Jun 04 14:39:45 EDT 2019

Expected results:

A login page should have shown up

Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0

Hi,

I have managed to reproduce this issue on latest FF release (67.0.2) and latest Nightly build 69.0a1 (2019-06-11) using Windows 10, Ubuntu 18 and Mac OS 10.12
I will move this over to a component so developers can take a look over it. If is not the correct component please feel free to change it to an appropriate one.

Note that if the user opens "Home banking login" in a new tab (right click on "Home banking login" hyperlink, copy link location and paste it in a new tab) the user is redirected to the Login page as expected. With "Open link in new tab" by right click on Home banking login also does not work, just with copy-paste link it works.

Thank you for the report.

Status: UNCONFIRMED → NEW
Component: Untriaged → Knowledge Base Content
Ever confirmed: true
OS: Unspecified → All
Product: Firefox → support.mozilla.org
Hardware: Unspecified → All
Version: 67 Branch → unspecified

This is not a support.mozilla.org bug. It appears to be a Product: Web Compatibility bug since it involves an issue with a specific site or sites. The bug summary indicates "websites" but you only mentioned the PPOCU.ORG website.

For the record, I do see the issue in Firefox 67.0.2 (Windows 7 64-bit) when I visit http://ppocu.org/ and click on the Home Banking login link, which is https://www.secure-ppocu.org/ ; however, the problem does not occur in Firefox 66.0.5 or in Firefox 60.7.0esr (32-bit versions on 64-bit Windows 7). The site also works correctly in the current versions of Google Chrome and SeaMonkey. In those cases, https://www.secure-ppocu.org/ redirects to the login page, https://www.secure-ppocu.org/Centryx/servlet/com.sos.webteller.accountaccess.LoginFrame?SOSSessionID= <snip>

Component: Knowledge Base Content → Desktop
Product: support.mozilla.org → Web Compatibility

(In reply to cclouse from comment #3)

The fact that you are saying that this is basically not your problem is unacceptable.

No one said that this was not a Firefox problem. This bug as been confirmed in Firefox 67 and above. I'm not involved in Web Compatibility issues so I'll stop following this bug but it remains open.

I apologize. That is the way it seemed when you said, "This is not a support.mozilla.org bug." Please direct me to the appropriate person if you could.

Thank you.

Hi cclouse. Did this issue appear in a specific version of Firefox (67?), or is the timing unrelated? Thanks.

Flags: needinfo?(cclouse)
Priority: -- → P3

I'm not sure if you're able to see any of the previous comments, but Alyce Wyman said the following:

"For the record, I do see the issue in Firefox 67.0.2 (Windows 7 64-bit) when I visit http://ppocu.org/ and click on the Home Banking login link, which is https://www.secure-ppocu.org/ ; however, the problem does not occur in Firefox 66.0.5 or in Firefox 60.7.0esr (32-bit versions on 64-bit Windows 7). The site also works correctly in the current versions of Google Chrome and SeaMonkey. In those cases, https://www.secure-ppocu.org/ redirects to the login page, https://www.secure-ppocu.org/Centryx/servlet/com.sos.webteller.accountaccess.LoginFrame?SOSSessionID= <snip>"

This is the first time my members have made a complaint about this issue so I am assuming it is just with the newest version, but I can't be 100% sure without testing out other versions.

Thanks, I had missed that comment.

Flags: needinfo?(cclouse)

STR:

  1. visit http://ppocu.org
  2. click on Home Banking Login (top left)

Expected: it works
Actual: unexpected error page.

Note: the button links to https://www.secure-ppocu.org/, and if you visit that directly it works as expected.

Summary: firefox is directing to bad links so valid websites are not showing up. This is happening on all browsers including on phones and tablets. URI: /Centryx/servlet/com.sos.webteller.WebTellLogin → Unexpected error when attempting to follow login link on ppocu.org

Thomas, it looks like 1517703 broke being able to follow the link to log in. Can you take a look?

17:22.81 INFO: Last good revision: 2d0505c5268166d02124627e1d60b06fd9877965
17:22.81 INFO: First bad revision: 64c8b805491a53f1f5e59f600a423492e1a14fbb
17:22.81 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=2d0505c5268166d02124627e1d60b06fd9877965&tochange=64c8b805491a53f1f5e59f600a423492e1a14fbb

Flags: needinfo?(tnguyen)
Keywords: regression
Regressed by: 1517703
Assignee: nobody → tnguyen
Flags: needinfo?(tnguyen)

Time is pretty tight to get a fix into 68, but we could still take a patch for 69.

NI for a ph comment.

Flags: needinfo?(tnguyen)

Thanks smaug for looking at this bug. I updated a ph request.

Flags: needinfo?(tnguyen)
Pushed by tnguyen@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/ca50879f67b3
Dont send referrer in case of meta refresh redirect r=smaug
Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED

Seems a bit much to take in a 68 dot release, but is this something we should consider fixing in ESR68 before we start seeing a lot of migration over to it from ESR60?

Component: Desktop → DOM: Security
Flags: needinfo?(tnguyen)
Product: Web Compatibility → Core
Target Milestone: --- → mozilla69

Wrong file

Flags: needinfo?(tnguyen)
Attachment #9078605 - Flags: approval-mozilla-esr68?
Attachment #9078605 - Attachment is obsolete: true
Attachment #9078605 - Flags: approval-mozilla-esr68?

ESR Uplift Approval Request

Attachment #9078606 - Flags: approval-mozilla-esr68?
Attachment #9073848 - Flags: approval-mozilla-esr68?
Attachment #9073848 - Flags: approval-mozilla-esr68?
Flags: qe-verify+
Flags: in-testsuite+
Comment on attachment 9078606 [details] [diff] [review]
0001-Bug-1556827-Dont-send-referrer-in-case-of-meta-refre.patch

Fixes a regression causing the inability to log in to some sites. Approved for 68.1esr. We should probably try to get some verification of this fix also.
Attachment #9078606 - Flags: approval-mozilla-esr68? → approval-mozilla-esr68+

We should probably try to get some verification of this fix also.

The STR from Comment #9 no longer reproduce in Nightly, i.e., this patch fixed the bug as reported.

Status: RESOLVED → VERIFIED
QA Whiteboard: [qa-triaged]

Verified - fixed on latest Beta 69.0b5, tested on Windows 10, Mac OS 10.13 and Ubuntu 18.04.

Verified - fixed on latest 68.1.0esr, tested on Windows 10, Mac OS 10.13 and Ubuntu 18.04.

QA Whiteboard: [qa-triaged]
Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.