Tracking protection panel shows the wrong entry when an automatic storage access grant heuristic is triggered
Categories
(Firefox :: Site Identity, defect)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox69 | --- | unaffected |
| firefox70 | --- | fixed |
People
(Reporter: ehsan.akhgari, Unassigned)
References
Details
(Keywords: regression)
Attachments
(1 file)
|
3.70 MB,
image/png
|
Details |
Screenshot
STR:
- Go to https://www.pinterest.ca/. I tried this in a private window, but I don't believe the bug is specific to private windows.
At this point, the content blocking log looks like this (from the browser console):
await gBrowser.selectedBrowser.getContentBlockingLog()
"{
\"https://www.pinterest.ca\": [[32768, true, 1]],
\"https://accounts.pinterest.com\": [[32768, true, 1]],
\"https://smartlock.google.com\": [[32768, true, 1]],
\"https://apis.google.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 14]],
\"https://connect.facebook.net\": [[4096, true, 1]],
\"https://www.gstatic.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 2]],
\"https://www.google.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 1]],
\"https://accounts.google.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 185]],
\"https://ssl.gstatic.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 3]]
}
"
- Click on "Continue with Google". This will activate our automatic storage access grant heuristic. At this point our content blocking log looks like:
await gBrowser.selectedBrowser.getContentBlockingLog()
"{
\"https://www.pinterest.ca\": [[32768, true, 1]],
\"https://accounts.pinterest.com\": [[32768, true, 1]],
\"https://smartlock.google.com\": [[32768, true, 1]],
\"https://apis.google.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 14]],
\"https://connect.facebook.net\": [[4096, true, 1]],
\"https://www.gstatic.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 2]],
\"https://www.google.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 1]],
\"https://accounts.google.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 247], [536870912, false, 1, 2], [536870912, true, 55]],
\"https://ssl.gstatic.com\": [[8192, true, 1], [32768, true, 1], [536870912, true, 3]]
}
"
Note the newly added [536870912, false, 1, 2] entry for accounts.google.com. That is the newly added content blocking log entry that is being mishandled here.
- Now open the protections panel and open Cookies under it.
Actual Results:
https://accounts.google.com has a "x Blocked" label next to it.
Expected Results:
https://accounts.google.com must have a "x Allowed" label next to it.
Reloading the page at this point will make the bug go away.
We used to have this same bug in the browser-contentblocking.js code before, so I suspect that we probably have a logic bug similar to that one...
|
Reporter | |
Comment 1•6 years ago
|
||
(In reply to :Ehsan Akhgari from comment #0)
We used to have this same bug in the
browser-contentblocking.jscode before, so I suspect that we probably have a logic bug similar to that one...
That was bug 1514070, FWIW.
|
|
Reporter | |
Comment 2•6 years ago
|
||
|
|
Reporter | |
Comment 3•6 years ago
|
||
This bug may be related to bug 1566825 (or in fact a duplicate of bug 1566825). I'm spending some time to debug that bug, will update here with more information...
|
|
Reporter | |
Comment 4•6 years ago
|
||
I confirmed that this is a dupe of bug 1566825.
|
||
Updated•6 years ago
|
Description
•