Closed Bug 1611560 Opened 5 years ago Closed 5 years ago

*.zendesk.com are treated as subdomains

Categories

(Toolkit :: Password Manager: Site Compatibility, defect)

Product:
Toolkit
Component:
Password Manager: Site Compatibility
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1607171
Tracking Flags:
Tracking Status
firefox72 --- wontfix
firefox73 --- wontfix
firefox74 --- wontfix

People

(Reporter: moltres.facesits.justin.coolidge, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0

Steps to reproduce:

Navigate to: https://mediafire.zendesk.com
Attempt to log in with logins saved from Firefox

Actual results:

Firefox tries to use the saved login from https://firemonkeys.zendesk.com instead of https://mediafire.zendesk.com treating them as the same website despite the fact that they are different and have different usernames and passwords.

Expected results:

Firefox should use saved the password from https://www.mediafire.com because the website is linked to MediaFire, NOT Firemonkeys. Firemonkeys is a different website for a different product, and has different usenames and passwords when logging in

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Component: Untriaged → Password Manager
Product: Firefox → Toolkit

Firefox should use saved the password from https://www.mediafire.com

No it should not. The URL https://www.mediafire.com has nothing to do with the URL https://mediafire.zendesk.com . Different domains.

As zendesk.com is not listed anywhere in the public suffix list, Firefox assumes that zendesk.com is the etld+1, therefore anything *.zendesk.com is considered subdomain, and since the subdomains changes have landed bug 1563330 and bug 589628, it will suggest from the zendesk "subdomains", which I think it's not necesarily useful. I remember seing something similar related to zendesk and probably we'll see more of it. Maybe this should go towards the Web Compatibility product? :MattN, should this stay in Password Manager: Site compat or move it to Web Compatibility Product?

Status: UNCONFIRMED → NEW
status-firefox72: --- → affected
status-firefox73: --- → affected
status-firefox74: --- → affected
Component: Password Manager → Password Manager: Site Compatibility
Ever confirmed: true
Flags: needinfo?(MattN+bmo)
Summary: Two different login websites, Firefox treats them as one in regards to saved passwords → *.zendesk.com are treated as subdomains
Version: 72 Branch → Trunk

I don't think there is anything web compat. can do. This is a dupe of bug 1120684 and bug 1607171.

Status: NEW → RESOLVED
Closed: 5 years ago
Flags: needinfo?(MattN+bmo)
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.