Closed Bug 1641810 Opened 2 years ago Closed 10 months ago

Can’t login to Office 365 from certain Ubuntu/Windows machines

Categories

(Firefox :: Untriaged, defect)

All
Linux
defect

Tracking

()

RESOLVED WORKSFORME
Tracking Status
firefox-esr68 --- wontfix
firefox77 --- wontfix
firefox78 --- wontfix
firefox80 --- wontfix
firefox83 --- wontfix

People

(Reporter: Anca, Unassigned)

Details

Attachments

(2 files)

Affected versions

  • 77.0 - build 3
  • 78.0a1

Affected platforms

  • Ubuntu 18.04

Steps to reproduce:

  • Try to log in into Office 365 with valid credential

Expected result

  • The user is able to log in

Actual result

  • The user can’t log in

Regression range

  • Reproducible on old profile 67.0a1, but I’m certain this worked since then on my machine, so there are probably other interactions; note that on Chrome I have no problem to log in.

Additional notes

  • Tested on 3 Ubuntu machines (2 - reproducible, 1 - not reproducible)
Has Regression Range: --- → irrelevant
Has STR: --- → yes

I see a similar loop with my bank as of 2 days ago in Release on Linux. Don't know if it's related but maybe it is.

I feel like this might be a cookies-related issue and not a Widget-related issue but I'll let those more knowledgeable make that call.

Flags: needinfo?(amarchesini)

S1 or S2 bugs need an assignee - could you find someone for this bug?

Flags: needinfo?(jmathies)

(In reply to Andrew Overholt [:overholt] from comment #1)

I see a similar loop with my bank as of 2 days ago in Release on Linux. Don't know if it's related but maybe it is.

I feel like this might be a cookies-related issue and not a Widget-related issue but I'll let those more knowledgeable make that call.

I'm not able to reproduce this issue with office.com. Can you please check if the issue is reproducible with pref network.cookie.sameSite.laxByDefault set to false? If yes, can you do the same test with pref network.cookie.sameSite.schemeful set to false?

Flags: needinfo?(amarchesini) → needinfo?(anca.soncutean)

(In reply to Andrea Marchesini [:baku] from comment #3)

I'm not able to reproduce this issue with office.com. Can you please check if the issue is reproducible with pref network.cookie.sameSite.laxByDefault set to false? If yes, can you do the same test with pref network.cookie.sameSite.schemeful set to false?

No changes on my side, I can still reproduce the issue.

Flags: needinfo?(anca.soncutean)

(In reply to Andrea Marchesini [:baku] from comment #3)

(In reply to Andrew Overholt [:overholt] from comment #1)

I see a similar loop with my bank as of 2 days ago in Release on Linux. Don't know if it's related but maybe it is.

Can you please check if the issue is reproducible with pref network.cookie.sameSite.laxByDefault set to false? If yes, can you do the same test with pref network.cookie.sameSite.schemeful set to false?

Not sure if my bank problem is even the same issue but I can confirm laxByDefault is set to false and the schemeful pref doesn't exist in release on Linux where I'm having the issue. (FWIW I can log in in a new profile)

Definitely not a widget bug. Pushing up to Firefox, maybe they can find an owner. A regression range would be helpful.

Component: Widget → General
Flags: needinfo?(jmathies)
Product: Core → Firefox

I think we need some more info here.

So it's definitely Linux only? Not on any other systems?

Can you check the Javascript log for errors?

Which specific office365 URL are you using?

Component: General → Networking
Flags: needinfo?(anca.soncutean)
Product: Firefox → Core

(In reply to Mike Kaply [:mkaply] from comment #7)

So it's definitely Linux only? Not on any other systems?

  • I can only reproduce it on Ubuntu; I’ve double checked with two of my colleagues with Ubuntu 18 (when the issue was submitted), one reproduced the issue, one didn’t. Windows, Mac are not affected.

Can you check the Javascript log for errors?

Which specific office365 URL are you using?

  • link 1 or link 2 .. none of them work on Firefox, while on Chrome I have no problem to log in.
Flags: needinfo?(anca.soncutean)

I did a quick check for me and I can login on Ubuntu. I'm at a loss on what to do with this one.

Happened to me on Windows 8.1 on two clean profiles on beta 80.0b6.

Is his still reproducible?
Can you make a http log:
https://developer.mozilla.org/en-US/docs/Mozilla/Debugging/HTTP_logging

Flags: needinfo?(anca.soncutean)

Hello,

I can still reproduce this issue in 82.0b7 I will attach the log file. Here is a the HTTP LOG

Flags: needinfo?(anca.soncutean)

I took a quick look at the log, but can't find anything fishy.

The js error message in comment #8 regarding to LoginManagerChild.jsm seems suspicious.
https://drive.google.com/file/d/1bfaC5IzMBhNCSnfe12bNQrzvHHJEqoOU/view?usp=sharing

:Mardak, could you take a look at the js error message? Does this error message have something to do with this bug?

Flags: needinfo?(edilee)

Issue is reproducible with Windows 7x64, Firefox 83.0 and Firefox Nightly 84.0a1. On Google Chrome Office 365 works fine.

Summary: Can’t login to Office 365 from certain Ubuntu machines → Can’t login to Office 365 from certain Ubuntu/Windows machines

I can't reproduce it on my Ubuntu 20/Windows 10. Do we suspect any specific causes for this issue?
Does it still reproduce on the bug's original OS/system?

If it is not an intermittent issue, then maybe a regression investigation with mozregression could be performed.
What do you think, Anca?

Flags: needinfo?(anca.soncutean)

(In reply to Bodea Daniel [:danibodea] from comment #15)

I can't reproduce it on my Ubuntu 20/Windows 10. Do we suspect any specific causes for this issue?
Does it still reproduce on the bug's original OS/system?

If it is not an intermittent issue, then maybe a regression investigation with mozregression could be performed.
What do you think, Anca?

This issue is still reproducible on my Ubuntu 18.04 with the latest Nightly/Beta versions. On the affected test machines, the issue is 100% reproducible. Any regression investigation is redundant, something seems to trigger this issue at the OS level, I’ve double checked with an older Firefox (version 54) and the login problem manifests there too, but as mentioned in bug’s descriptions, I know for a fact, on versions close to the one on which the issue was first encountered, at some point the login functionality worked (note that a simple Office 365 login is a test frequently run by our team). Apart from what was already mentioned as additional information by me and my colleagues, not sure what interaction could be the main cause here (note that logging works just fine on Chrome, using the same test machine). At this point we can only provide any other more specific info if requested.

Flags: needinfo?(anca.soncutean)

Canyou take a look at the error on the screenshot from comment #13?
Thank you.

Flags: needinfo?(mozilla+bmo)
Component: Networking → Password Manager
Product: Core → Toolkit

:danibodea can you pls verify it is still an issue?

Flags: needinfo?(mozilla+bmo) → needinfo?(daniel.bodea)

I could never reproduce it, but Anca did. Is this still reproducing, Anca?
Relevant information can also be found in her comment 16.

Flags: needinfo?(daniel.bodea) → needinfo?(anca.soncutean)

(In reply to Bodea Daniel [:danibodea] from comment #19)

I could never reproduce it, but Anca did. Is this still reproducing, Anca?
Relevant information can also be found in her comment 16.

Yes, I can still reproduce this issue on my Ubuntu 18.04 on the latest Nightly (95.0a1) and Beta (94.0b8).

Flags: needinfo?(anca.soncutean)

I'm at a complete loss on this. Does it happen with a new profile? Are cookies disabled? Or strict tracking protection turned on?

Can you zip up your profile and give it to me?

Anca, can you send :mkaply your zipped profile? Hopefully that gives us something that consistently reproduces the issue.

Flags: needinfo?(edilee) → needinfo?(anca.soncutean)

Here is the attached profile on which the issue is reproducible.

Flags: needinfo?(anca.soncutean)

Unfortunately I'm not getting the same behavior because I have 2 factor auth setup for my microsoft account. I'll try to create a test account.

I'm at a loss. I created a test account, used your profile and I don't see the problem.

Priority: -- → P3

Please try turn off the password manager signon.rememberSignons=false and see if the problem still happens. If so, this should be moved to a different component.

Flags: needinfo?(anca.soncutean)

(In reply to Matthew N. [:MattN] from comment #26)

Please try turn off the password manager signon.rememberSignons=false and see if the problem still happens. If so, this should be moved to a different component.

I can reproduce this issue regardless the state of the mentioned above pref.

Flags: needinfo?(anca.soncutean)
Component: Password Manager → Untriaged
Priority: P3 → --
Product: Toolkit → Firefox

Could you try this in private browsing? Does it work in a clean profile?

Could you attach an http log from about:networking with the issue reproducing?

Karl, just to check, do you have any ideas about what could be the cause of this issue, esp. considering mkaply can't reproduce with the same profile (so presumably same cookies etc. ) ?

Flags: needinfo?(kdubost)
Flags: needinfo?(catalin.sasca)
Flags: needinfo?(anca.soncutean)

Trying to gather facts from the comments.

  • Some people reproduces it on Ubuntu and Windows. (Ubuntu 18, Windows 7, Windows 8)
  • Some people on Windows can't reproduce it. (Ubuntu 20/Windows 10.)
  • This doesn't seem to be a regression
  • Password manager is not the cause
  • SameSite is not the cause

Steps to reproduce:

  1. With Firefox Nightly 96.0a1 (2021-11-23) (64-bit) on MacOS 12.0.1 (21A559). (Fresh Profile). Firefox has pop-up windows blocked.
  2. Go to https://www.office.com/
  3. Used an enterprise test account (already pre-existing account)
  4. login/password. No issue.

Quitting Firefox Nightly and restarting a new fresh profile.

  1. With Firefox Nightly 96.0a1 (2021-11-23) (64-bit) on MacOS 12.0.1 (21A559). (Fresh Profile)
  2. Go to https://www.office.com/
  3. Used a gmail address (already pre-existing office account)
  4. login/password. No issue.

This is the log in the console in the second case. Usual warnings, but everything is working fine.
For the redirections, we get:

  1. http://office.com/
  2. https://www.office.com/login?es=Click&ru=%2F
  3. https://login.live.com/oauth20_authorize.srf?client_id=… (cut)
  4. https://login.live.com/ppsecure/post.srf?client_id=… (cut)
  5. https://login.live.com/ppsecure/post.srf?client_id=… (cut)

… and that's all

It's interesting because in the browser the final URL is https://www.office.com/?auth=1 but there was no navigation involved in the console for this last one.

I wonder for people at which step it fails. The beginning or at a specific point in the redirection game.

Also I wonder if there are issues with Antivirus/proxy setup for some people.

Also does it fail for recent versions of Ubuntu and Windows, or is it just old version of Ubuntu/Windows.

Also fwiw is you search online for office365 login fail chrome you discover that people on Chrome may have issues too sometimes.

09:50:08.624 Navigated to http://office.com/

09:50:09.009 Some cookies are misusing the “SameSite“ attribute, so it won’t work as expected 8
09:50:09.009 Cookie “CreateFreeAccountButton” has been rejected because it is already expired. www.office.com
09:50:09.009 Cookie “p.UnauthUserCookie” has been rejected because it is already expired. www.office.com
09:50:09.009 Cookie “OhpAuth” has been rejected because it is already expired. www.office.com
09:50:09.009 Cookie “OhpToken” has been rejected because it is already expired. www.office.com
09:50:09.009 Cookie “UserIndex” has been rejected because it is already expired. www.office.com
09:50:09.210 This page uses the non standard property “zoom”. Consider using calc() in the relevant property values, or using “transform” along with “transform-origin: 0 0”. www.office.com
09:50:10.185 downloadable font: maxp: Bad maxZones: 0 (font-family: "SegoeUI-SemiBold" style:normal weight:400 stretch:100 src index:3) source: https://res-1.cdn.office.net/officehub/versionless/webfonts/segoeui_semibold.woff2
09:50:10.300 Partitioned cookie or storage access was provided to “https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.office.com/” because it is loaded in the third-party context and dynamic state partitioning is enabled.
09:50:18.993 The resource at “https://res-1.cdn.office.net/officehub/versionless/webfonts/segoeui_light.woff2” preloaded with link preload was not used within a few seconds. Make sure all attributes of the preload tag are set correctly. www.office.com
09:50:18.993 The resource at “https://res-1.cdn.office.net/officehub/versionless/webfonts/segoeui_regular.woff2” preloaded with link preload was not used within a few seconds. Make sure all attributes of the preload tag are set correctly. www.office.com
09:50:18.993 The resource at “https://res-1.cdn.office.net/officehub/versionless/webfonts/segoeui_semilight.woff2” preloaded with link preload was not used within a few seconds. Make sure all attributes of the preload tag are set correctly. www.office.com

09:50:20.957 Navigated to https://www.office.com/login?es=Click&ru=%2F

09:50:21.563 Cookie “CkTst” has “SameSite” policy set to “Lax” because it is missing a “SameSite” attribute, and “SameSite=Lax” is the default value for this attribute. ConvergedLogin_PCore_-crRrmu1fyxRq0drxsS_Tw2.js:13:28324
09:50:22.056 Partitioned cookie or storage access was provided to “https://login.live.com/Me.htm?v=3” because it is loaded in the third-party context and dynamic state partitioning is enabled.

09:50:45.999 Navigated to https://login.live.com/oauth20_authorize.srf?client_id=REMOVED&scope=openid+profile+https%3a%2f%2fwww.office.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2fwww.office.com%2flandingv2&response_type=code+id_token&state=REMOVED&response_mode=form_post&nonce=REMOVED&x-client-SKU=ID_NETSTANDARD2_0&x-client-Ver=6.12.1.0&uaid=REMOVED&msproxy=1&issuer=mso&tenant=common&ui_locales=en&username=removed_email%40gmail.com&login_hint=removed_email%40gmail.com


09:50:46.562 Cookie “CkTst” has “SameSite” policy set to “Lax” because it is missing a “SameSite” attribute, and “SameSite=Lax” is the default value for this attribute. ConvergedLogin_PCore_RhRCM-dyjQgE1wtcwOcNtg2.js:13:28267

09:51:10.199 Navigated to https://login.live.com/ppsecure/post.srf?client_id=REMOVED&scope=openid+profile+https%3a%2f%2fwww.office.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2fwww.office.com%2flandingv2&response_type=code+id_token&state=REMOVED&response_mode=form_post&nonce=REMOVED&x-client-SKU=ID_NETSTANDARD2_0&x-client-Ver=6.12.1.0&msproxy=1&issuer=mso&tenant=common&ui_locales=en&username=removed_email%40gmail.com&login_hint=removed_email%40gmail.com&contextid=REMOVED&bk=1637801446&uaid=REMOVED&pid=15216

09:51:10.431 Cookie “MSPOK” has been rejected because it is already expired. post.srf
09:51:10.431 Cookie “__Host-MSAAUTHP” has been rejected because it is already expired. post.srf
09:51:10.431 Cookie “MSPShared” has been rejected because it is already expired. post.srf
09:51:10.431 Cookie “MSPPre” has been rejected because it is already expired. post.srf
09:51:10.431 Cookie “MSPCID” has been rejected because it is already expired. post.srf
09:51:10.431 Cookie “pres” has been rejected because it is already expired. post.srf
09:51:10.431 Cookie “LOpt” has been rejected because it is already expired. post.srf

09:51:12.885 Navigated to https://login.live.com/ppsecure/post.srf?client_id=REMOVED&scope=openid+profile+https%3a%2f%2fwww.office.com%2fv2%2fOfficeHome.All&redirect_uri=https%3a%2f%2fwww.office.com%2flandingv2&response_type=code+id_token&state=REMOVED&response_mode=form_post&nonce=REMOVED&x-client-SKU=ID_NETSTANDARD2_0&x-client-Ver=6.12.1.0&msproxy=1&issuer=mso&tenant=common&ui_locales=en&username=removed_email%40gmail.com&login_hint=removed_email%40gmail.com&contextid=E0C81E71172FE325&bk=1637801446&uaid=REMOVED&pid=15216&opid=D521BAE51F52DB35&route=R3_BAY


09:51:13.202 Cookie “__Host-MSAAUTH” has been rejected because it is already expired. post.srf
09:51:13.202 Cookie “MSPShared” has been rejected because it is already expired. post.srf
09:51:13.202 Cookie “pres” has been rejected because it is already expired. post.srf
09:51:13.202 Cookie “LOpt” has been rejected because it is already expired. post.srf
09:51:13.202 Cookie “MSPOAuthVis” has been rejected because it is already expired. post.srf
09:51:13.202 Cookie “__Host-MSAAUTH” has been rejected because it is already expired. post.srf
09:51:13.202 Cookie “pres” has been rejected because it is already expired. post.srf
09:51:13.202 Cookie “LOpt” has been rejected because it is already expired. post.srf
09:51:13.202 Cookie “MSPOAuthVis” has been rejected because it is already expired. post.srf
09:51:14.220
Some cookies are misusing the “SameSite“ attribute, so it won’t work as expected 41
09:51:14.220 Cookie “CreateFreeAccountButton” has been rejected because it is already expired. www.office.com
09:51:14.220 Cookie “p.UnauthUserCookie” has been rejected because it is already expired. www.office.com
09:51:14.629 downloadable font: maxp: Bad maxZones: 0 (font-family: "SegoeUI" style:normal weight:400 stretch:100 src index:3) source: https://res-1.cdn.office.net/officehub/versionless/webfonts/segoeui_regular.woff2
09:51:14.629 downloadable font: maxp: Bad maxZones: 0 (font-family: "SegoeUI-SemiBold" style:normal weight:400 stretch:100 src index:3) source: https://res-1.cdn.office.net/officehub/versionless/webfonts/segoeui_semibold.woff2
09:51:14.730 Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.onedrive.com/v1.0/drive/root. (Reason: CORS request did not succeed). Status code: (null).

09:51:14.731 Failed to load ‘https://api.onedrive.com/v1.0/drive/root’. A ServiceWorker passed a promise to FetchEvent.respondWith() that resolved with non-Response value ‘null’. sw:1:103169
09:51:14.739 Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://ocws.officeapps.live.com/ocs/v2/recent/docs?apps=Word,Excel,PowerPoint,Visio,OneNote,Sway,Project,Portfolio,Bohemia,Fluid,Forms,PdfViewer,PowerBI&show=100&rs=en-US. (Reason: CORS request did not succeed). Status code: (null).

09:51:14.739 Failed to load ‘https://ocws.officeapps.live.com/ocs/v2/recent/docs?apps=Word,Excel,PowerPoint,Visio,OneNote,Sway,Project,Portfolio,Bohemia,Fluid,Forms,PdfViewer,PowerBI&show=100&rs=en-US’. A ServiceWorker passed a promise to FetchEvent.respondWith() that resolved with non-Response value ‘null’. sw:1:103169
09:51:14.867 The character encoding of a framed document was not declared. The document may appear different if viewed without the document framing it. MsaToken.html
09:51:15.294 The script from “https://www.bing.com/as/init?pt=onedrive&clientid=0003000004D83CBA” was loaded even though its MIME type (“text/html”) is not a valid JavaScript MIME type.
www.office.com
09:51:15.578
Some cookies are misusing the “SameSite“ attribute, so it won’t work as expected 16
09:51:15.761 downloadable font: maxp: Bad maxZones: 0 (font-family: "SegoeUI-Light" style:normal weight:400 stretch:100 src index:3) source: https://res-1.cdn.office.net/officehub/versionless/webfonts/segoeui_light.woff2
09:51:15.777
Some cookies are misusing the “SameSite“ attribute, so it won’t work as expected 10
09:51:15.877
Partitioned cookie or storage access was provided to “<URL>” because it is loaded in the third-party context and dynamic state partitioning is enabled. 4
09:51:16.120
Some cookies are misusing the “SameSite“ attribute, so it won’t work as expected 18
09:51:16.202 The stylesheet https://r4.res.office365.com/owa/prem/15.20.4734.22/scripts/boot.worldwide.0.mouse.js was not loaded because its MIME type, “application/x-javascript”, is not “text/css”. prefetch.aspx
09:51:16.334 The stylesheet https://r4.res.office365.com/owa/prem/15.20.4734.22/scripts/boot.worldwide.1.mouse.js was not loaded because its MIME type, “application/x-javascript”, is not “text/css”. prefetch.aspx
09:51:16.385 The stylesheet https://r4.res.office365.com/owa/prem/15.20.4734.22/scripts/boot.worldwide.2.mouse.js was not loaded because its MIME type, “application/x-javascript”, is not “text/css”. prefetch.aspx
09:51:16.440 The stylesheet https://r4.res.office365.com/owa/prem/15.20.4734.22/scripts/boot.worldwide.3.mouse.js was not loaded because its MIME type, “application/x-javascript”, is not “text/css”. prefetch.aspx
09:51:16.585 The stylesheet https://r4.res.office365.com/owa/prem/15.20.4734.22/resources/images/0/sprite1.mouse.png was not loaded because its MIME type, “image/png”, is not “text/css”. prefetch.aspx

​

Flags: needinfo?(kdubost)

The issue is no longer reproducible on my side on the same Ubuntu 18.04 used 10 days ago, when I could still see the login problem (dirty or clean profile). Tried with latest Nightly, Beta and RC, including an older Firefox build. I don’t use this particular test machine very often, but I don’t recall any particular change to have been done on it. Note, that my colleagues (Catalin and Gabi) couldn’t reproduce it either. Gabi used the same Windows 7 as when first encountering this issue (comment 14), Catalin doesn’t have the same system, but he tried on different ones with Ubuntu 18.0, Windows 8.1 and Windows 10.
I will not change the status of this issue, this problem could still be reproducible though. The Office 365 login functionality appears in our testing pretty often. Will leave a comment if this will occur again for any of us!

Flags: needinfo?(catalin.sasca)
Flags: needinfo?(anca.soncutean)

OK, if this no longer reproduces then that makes it inactionable for now. We can reopen it if the problem recurs, and gather more data then. Clearing S2 so it gets resurfaced in triage if this happens again.

Severity: S2 → --
Status: NEW → RESOLVED
Closed: 10 months ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.