Closed Bug 1790750 Opened 2 years ago Closed 5 months ago

The page is blank on relearnings.com/linkedinlearning.html with ETP set to Standard

Categories

(Core :: Privacy: Anti-Tracking, defect, P2)

Product:
Core
Component:
Privacy: Anti-Tracking
Version:
Firefox 106
Platform:
Desktop
Windows 10
Type:
defect

Tracking

()

Status:
VERIFIED FIXED
Milestone:
124 Branch
Tracking Flags:
Tracking Status
firefox106 --- wontfix
firefox124 --- verified
firefox125 --- verified

People

(Reporter: ctanase, Assigned: lschwarz)

References

(Blocks 1 open bug,
URL
)

Details

Attachments

(2 files)

in learning.png
308.58 KB, image/png
Details
Bug 1790750 - On https://relearnings.com/linkedinlearning.html linkedin iframe load change window.location to iframe. r?#webcompat-reviewers
48 bytes, text/x-phabricator-request
Details | Review
Attached image in learning.png

Environment:
Operating system: Windows 10
Firefox version: Nightly 106.0a1 (2022-09-13)

Preconditions:
• ETP set to STANDARD
• Clean profile

Steps to reproduce:

  1. Go to https://relearnings.com/linkedinlearning.html
  2. Observe the behaviour.

Expected Behaviour:
The page loads correctly.

Actual Behaviour:
The page is blank.

Notes:

  1. Screenshot provided
  2. Reproducible with both Standard and Strict ETP
  3. Same behaviour in Private

The breakage is caused by ETP protection that we block the cookie access of www.linkedin.com because LinkedIn is a tracker and social tracker. Firefox will throw a security error when a third-party context tries to access storage/cookies and the LinkedIn script doesn't handle this exception. Therefore, the page failed to load.

I don't know if we can do anything from the platform standpoint to resolve the breakage. Maybe there is something we can do from the webcompat standpoint. Tom, any thoughts?

Flags: needinfo?(twisniewski)

I also found a protection panel UI issue here that the protection panel shows that www.linkedin.com is blocked due to the social tracking protection. But, actually, we don't enable social tracking blocking in standard mode.

Severity: -- → S3
Priority: P3 → P2

Since that page only really presents the LinkedIn iframe, we could use SmartBlock to detect this case (an attempt to load the linked-in frame from this URL) and just change the window location to the iframe's URL. That shouldn't require too much effort, and it seems to work to visit the iframe's URL directly.

Flags: needinfo?(twisniewski)
Assignee: nobody → lschwarz
Status: NEW → ASSIGNED
Pushed by bvandersloot@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/34f197ce93a2
On https://relearnings.com/linkedinlearning.html linkedin iframe load change window.location to iframe. r=webcompat-reviewers,twisniewski

https://hg.mozilla.org/mozilla-central/rev/34f197ce93a2

Status: ASSIGNED → RESOLVED
Closed: 5 months ago
status-firefox124: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 124 Branch
Flags: qe-verify+

Reproducible on a 2024-01-01 Nightly build on macOS 12.
Verified as fixed on Firefox 124.0b2 and Firefox Nightly 125.0a1 on macOS 12, Windows 10, Ubuntu 22.

Status: RESOLVED → VERIFIED
status-firefox124: fixedverified
status-firefox125: --- → verified
Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: