Closed Bug 1899470 Opened 10 months ago Closed 10 months ago

Certain assets do not load due to referrer policy, like github.com

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Version:
Firefox 128
Type:
defect

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: pmenzel+bugzilla.mozilla.org, Unassigned)

Details

Attachments

(1 file)

Output of `about:support`
49.72 KB, text/plain
Details

Steps to reproduce:

Upgrade from 128.0a120240527092611 to 128.0a120240528214532, and open https://github.com/systemd/mkosi/issues/new?assignees=&labels=bug&projects=&template=bug_report.yml

bugzilla.mozilla.org is also affected:

Content-Security-Policy: (Report-Only policy) The page’s settings would block an event handler (script-src-attr) from being executed because it violates the following directive: “script-src 'self' 'nonce-Rxr2xCLQZDDXqyRnBjupGVCtUrwvlynQRcvKWFhX7we7StFW' 'unsafe-inline' https://www.google-analytics.com”
Source: guided.setStep('default')

Actual results:

The page does not load completely. The console contains:

Referrer Policy: Ignoring the less restricted referrer policy “no-referrer-when-downgrade” for the cross-site request: https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_IconButton_js-node_modules_primer_react_lib--1cd808-6070bc6b2c67.js

Expected results:

The page should load normally.

$ mozregression --good 2024-05-27
 0:00.36 WARNING: You are using mozregression version 5.3.1, however version 6.1.0 is available.
 0:00.36 WARNING: You should consider upgrading via the 'pip install --upgrade mozregression' command.
 0:00.36 INFO: No 'bad' option specified, using 2024-05-29
 0:01.81 WARNING: Skipping build 2024-05-29: Unable to find build info for 2024-05-29
 0:02.50 INFO: Got as far as we can go bisecting nightlies...
 0:02.50 INFO: Last good revision: 00f574fb9f0cde95935f22084807dc7bd60eae84 (2024-05-27)
 0:02.50 INFO: First bad revision: aec1be189f6899f383a1f7fb3b1e55cb9b427b8e (2024-05-28)
 0:02.50 INFO: Pushlog:
https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=00f574fb9f0cde95935f22084807dc7bd60eae84&tochange=aec1be189f6899f383a1f7fb3b1e55cb9b427b8e

 0:02.50 INFO: Switching bisection method to taskcluster
 0:02.50 INFO: Getting mozilla-central builds between 00f574fb9f0cde95935f22084807dc7bd60eae84 and aec1be189f6899f383a1f7fb3b1e55cb9b427b8e
 0:05.50 INFO: Pushlog:
https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=00f574fb9f0cde95935f22084807dc7bd60eae84&tochange=aec1be189f6899f383a1f7fb3b1e55cb9b427b8e

 0:05.51 INFO: Downloading build from: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/EG8fo-n9RIaVXwvpx3hGCw/runs/0/artifacts/public%2Fbuild%2Ftarget.tar.bz2
===== Downloaded 100% =====
 0:14.25 INFO: Running mozilla-central build built on 2024-05-28 06:03:24.716000, revision 046da0f0
 0:26.23 INFO: Launching /tmp/tmpl0wx51lw/firefox/firefox
 0:26.23 INFO: Application command: /tmp/tmpl0wx51lw/firefox/firefox -profile /tmp/tmpmmecgkgi.mozrunner
 0:26.24 INFO: application_buildid: 20240528001238
 0:26.24 INFO: application_changeset: 046da0f065e90bcf67ec9fd58aa8f84c1a8f80be
 0:26.24 INFO: application_name: Firefox
 0:26.24 INFO: application_repository: https://hg.mozilla.org/mozilla-central
 0:26.24 INFO: application_version: 128.0a1
Was this integration build good, bad, or broken? (type 'good', 'bad', 'skip', 'retry' or 'exit' and press Enter): good
 2:00.48 INFO: Narrowed integration regression window from [00f574fb, aec1be18] (3 builds) to [046da0f0, aec1be18] (2 builds) (~1 steps left)
 2:00.48 INFO: No more integration revisions, bisection finished.
 2:00.48 INFO: Last good revision: 046da0f065e90bcf67ec9fd58aa8f84c1a8f80be
 2:00.48 INFO: First bad revision: aec1be189f6899f383a1f7fb3b1e55cb9b427b8e
 2:00.48 INFO: Pushlog:
https://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=046da0f065e90bcf67ec9fd58aa8f84c1a8f80be&tochange=aec1be189f6899f383a1f7fb3b1e55cb9b427b8e

 2:02.69 INFO: ************* Switching to autoland by process of elimination (no branch detected in commit message)
 2:05.34 INFO: Getting autoland builds between 00f574fb9f0cde95935f22084807dc7bd60eae84 and aec1be189f6899f383a1f7fb3b1e55cb9b427b8e
 2:07.78 WARNING: Skipping build aec1be189f68: Unable to find build info using the taskcluster route 'gecko.v2.autoland.shippable.revision.aec1be189f6899f383a1f7fb3b1e55cb9b427b8e.firefox.linux64-opt'
 2:09.77 INFO: Expanding higher limit of the range to c2ace87db772
 2:10.54 WARNING: Skipping build 7e5e1a3a0dae: Unable to find build info using the taskcluster route 'gecko.v2.autoland.shippable.revision.7e5e1a3a0dae00fab33b2a5def296c231b508911.firefox.linux64-opt'
 2:11.64 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=00f574fb9f0cde95935f22084807dc7bd60eae84&tochange=c2ace87db7720148ec47bc0d83e5e4c97f6085e4

 2:11.65 INFO: Downloading build from: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/b1PKkUdITpGTDwBTDWZU-Q/runs/1/artifacts/public%2Fbuild%2Ftarget.tar.bz2
===== Downloaded 100% =====
 2:20.26 INFO: Running autoland build built on 2024-05-28 10:13:02.626000, revision dd4a0d50
 2:32.54 INFO: Launching /tmp/tmp77u1bz_q/firefox/firefox
 2:32.54 INFO: Application command: /tmp/tmp77u1bz_q/firefox/firefox -profile /tmp/tmp8zrrdsfr.mozrunner
 2:32.55 INFO: application_buildid: 20240528094048
 2:32.55 INFO: application_changeset: dd4a0d501442d98e5279f19e7b1d67faba914929
 2:32.55 INFO: application_name: Firefox
 2:32.55 INFO: application_repository: https://hg.mozilla.org/integration/autoland
 2:32.55 INFO: application_version: 128.0a1
Was this integration build good, bad, or broken? (type 'good', 'bad', 'skip', 'retry' or 'exit' and press Enter): bad
 3:41.52 INFO: Narrowed integration regression window from [00f574fb, c2ace87d] (73 builds) to [00f574fb, dd4a0d50] (37 builds) (~5 steps left)
 3:41.52 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=00f574fb9f0cde95935f22084807dc7bd60eae84&tochange=dd4a0d501442d98e5279f19e7b1d67faba914929

 3:41.52 INFO: Using local file: /dev/shm/.mozilla/mozregression/persist/619b0530625f-pgo--autoland--target.tar.bz2 (downloaded in background)
 3:41.52 INFO: Running autoland build built on 2024-05-28 03:09:49.928000, revision 619b0530
 3:54.09 INFO: Launching /tmp/tmp4u7r6gec/firefox/firefox
 3:54.09 INFO: Application command: /tmp/tmp4u7r6gec/firefox/firefox -profile /tmp/tmpha6liw30.mozrunner
 3:54.10 INFO: application_buildid: 20240528011634
 3:54.10 INFO: application_changeset: 619b0530625f37980b5bcd2c452b5ec92767372c
 3:54.10 INFO: application_name: Firefox
 3:54.10 INFO: application_repository: https://hg.mozilla.org/integration/autoland
 3:54.10 INFO: application_version: 128.0a1
Was this integration build good, bad, or broken? (type 'good', 'bad', 'skip', 'retry', 'back' or 'exit' and press Enter): bad
 4:46.66 INFO: Narrowed integration regression window from [00f574fb, dd4a0d50] (37 builds) to [00f574fb, 619b0530] (19 builds) (~4 steps left)
 4:46.66 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=00f574fb9f0cde95935f22084807dc7bd60eae84&tochange=619b0530625f37980b5bcd2c452b5ec92767372c

 4:46.66 INFO: Using local file: /dev/shm/.mozilla/mozregression/persist/a0891af78f56-shippable--autoland--target.tar.bz2 (downloaded in background)
 4:46.66 INFO: Running autoland build built on 2024-05-28 01:20:51.587000, revision a0891af7
 4:59.30 INFO: Launching /tmp/tmp9q_ju5_a/firefox/firefox
 4:59.30 INFO: Application command: /tmp/tmp9q_ju5_a/firefox/firefox -profile /tmp/tmpotg82bg0.mozrunner
 4:59.31 INFO: application_buildid: 20240527231424
 4:59.31 INFO: application_changeset: a0891af78f56563ab654ed9cc4b12187909dcb3f
 4:59.31 INFO: application_name: Firefox
 4:59.31 INFO: application_repository: https://hg.mozilla.org/integration/autoland
 4:59.31 INFO: application_version: 128.0a1
Was this integration build good, bad, or broken? (type 'good', 'bad', 'skip', 'retry', 'back' or 'exit' and press Enter): good
 6:03.48 INFO: Narrowed integration regression window from [00f574fb, 619b0530] (19 builds) to [a0891af7, 619b0530] (10 builds) (~3 steps left)
 6:03.48 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=a0891af78f56563ab654ed9cc4b12187909dcb3f&tochange=619b0530625f37980b5bcd2c452b5ec92767372c

 6:03.48 INFO: Downloading build from: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/d8SjB1V0Se6QsImDqE3ytw/runs/0/artifacts/public%2Fbuild%2Ftarget.tar.bz2
===== Downloaded 100% =====
 6:11.70 INFO: Running autoland build built on 2024-05-28 00:46:37.648000, revision 58762ad1
 6:24.74 INFO: Launching /tmp/tmp3fimrdmj/firefox/firefox
 6:24.74 INFO: Application command: /tmp/tmp3fimrdmj/firefox/firefox -profile /tmp/tmptw1zd9l0.mozrunner
 6:24.75 INFO: application_buildid: 20240528002426
 6:24.75 INFO: application_changeset: 58762ad12d187673d283db8a03a94b2593088a63
 6:24.75 INFO: application_name: Firefox
 6:24.75 INFO: application_repository: https://hg.mozilla.org/integration/autoland
 6:24.75 INFO: application_version: 128.0a1
Was this integration build good, bad, or broken? (type 'good', 'bad', 'skip', 'retry', 'back' or 'exit' and press Enter): good
13:47.11 INFO: Narrowed integration regression window from [a0891af7, 619b0530] (10 builds) to [58762ad1, 619b0530] (5 builds) (~2 steps left)
13:47.11 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=58762ad12d187673d283db8a03a94b2593088a63&tochange=619b0530625f37980b5bcd2c452b5ec92767372c

13:47.12 INFO: Downloading build from: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/RyA9NNk9SVGshCwVeoshpQ/runs/0/artifacts/public%2Fbuild%2Ftarget.tar.bz2
===== Downloaded 100% =====
13:55.36 INFO: Running autoland build built on 2024-05-28 01:19:42.922000, revision 11501455
14:07.80 INFO: Launching /tmp/tmpxq9lm1_d/firefox/firefox
14:07.80 INFO: Application command: /tmp/tmpxq9lm1_d/firefox/firefox -profile /tmp/tmpvg6dbawg.mozrunner
14:07.81 INFO: application_buildid: 20240528004924
14:07.81 INFO: application_changeset: 1150145511186bbe0042166cd8efab5cf5773668
14:07.81 INFO: application_name: Firefox
14:07.81 INFO: application_repository: https://hg.mozilla.org/integration/autoland
14:07.81 INFO: application_version: 128.0a1
Was this integration build good, bad, or broken? (type 'good', 'bad', 'skip', 'retry', 'back' or 'exit' and press Enter): good
14:44.27 INFO: Narrowed integration regression window from [58762ad1, 619b0530] (5 builds) to [11501455, 619b0530] (3 builds) (~1 steps left)
14:44.27 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=1150145511186bbe0042166cd8efab5cf5773668&tochange=619b0530625f37980b5bcd2c452b5ec92767372c

14:44.27 INFO: Downloading build from: https://firefox-ci-tc.services.mozilla.com/api/queue/v1/task/TAnC5rrYSFC5UROT9Y6TuA/runs/0/artifacts/public%2Fbuild%2Ftarget.tar.bz2
===== Downloaded 100% =====
14:53.14 INFO: Running autoland build built on 2024-05-28 01:24:09.018000, revision 94dea1e0
15:03.55 INFO: Launching /tmp/tmpppcg8ow9/firefox/firefox
15:03.55 INFO: Application command: /tmp/tmpppcg8ow9/firefox/firefox -profile /tmp/tmp2r22q9w6.mozrunner
15:03.56 INFO: application_buildid: 20240528005446
15:03.56 INFO: application_changeset: 94dea1e070ad411571fcefcd700589b6276dc62d
15:03.56 INFO: application_name: Firefox
15:03.56 INFO: application_repository: https://hg.mozilla.org/integration/autoland
15:03.56 INFO: application_version: 128.0a1
Was this integration build good, bad, or broken? (type 'good', 'bad', 'skip', 'retry', 'back' or 'exit' and press Enter): good
15:32.97 INFO: Narrowed integration regression window from [11501455, 619b0530] (3 builds) to [94dea1e0, 619b0530] (2 builds) (~1 steps left)
15:32.97 INFO: No more integration revisions, bisection finished.
15:32.97 INFO: Last good revision: 94dea1e070ad411571fcefcd700589b6276dc62d
15:32.97 INFO: First bad revision: 619b0530625f37980b5bcd2c452b5ec92767372c
15:32.97 INFO: Pushlog:
https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=94dea1e070ad411571fcefcd700589b6276dc62d&tochange=619b0530625f37980b5bcd2c452b5ec92767372c

I am not sure about the last three or four tries.

The Bugbug bot thinks this bug should belong to the 'Core::DOM: Security' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: Untriaged → DOM: Security
Product: Firefox → Core

Seems to be fixed in 128.0a1~20240529013712.

Status: UNCONFIRMED → RESOLVED
Closed: 10 months ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: