Open Bug 1902505 Opened 5 months ago Updated 1 month ago

myaccount.google.com - Video verification not supported

Categories

(Web Compatibility :: Site Reports, defect, P1)

Product:
Web Compatibility
Component:
Site Reports
Type:
defect

Tracking

(Not tracked)

People

(Reporter: ksenia, Assigned: ksenia, NeedInfo)

References

(Depends on 1 open bug,
URL
)

Details

(Keywords: webcompat:site-wait, Whiteboard: [webcompat-source:web-bugs])

User Story

platform:windows,mac,linux,android
impact:unsupported-feature
configuration:general
affects:all

Environment:
Operating system: Android
Originally reported Firefox version: Firefox 112.2.0 Build 2015946691
Last reproduced with the following UA: Mozilla/5.0 (X11; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0
Platforms reproduced on: linux

Steps to reproduce:
Visiting the authorization link generated for enabling YouTube Channel features by verification on the phone of the individual results in a message stating the browser is unsupported and suggests Chrome. Users cannot proceed with verification on Firefox.

Visiting on Chrome allows for proceeding with the verification step if logged in and mobile view only. If using desktop mode, a QR code and the link visited are presented instead prompting one to open the page on a mobile device.

Actual Behavior:
Browser unsupported

Created from https://github.com/webcompat/web-bugs/issues/121839

Severity: S4 → S2
User Story: (updated)
No longer depends on: firefox-not-supported
Priority: P3 → P1
User Story: (updated)
User Story: (updated)
Flags: needinfo?(kberezina)
Keywords: webcompat:needs-diagnosis

Ksenia, you linked this bug to navigator.userAgentData bug 1750143, but the webcompat bug report doesn't mention navigator.userAgentData or Firefox's User-Agent string. Is the YouTube page trying to use the navigator.userAgentData API determine whether the user is on a mobile device?

    What's the expected workflow of this procedure?
    Displaying the QR instead? [ As in: https://github.com/webcompat/web-bugs/issues/121839#issuecomment-1538230579 ]

(In reply to Chris Peterson [:cpeterson] from comment #1)

Ksenia, you linked this bug to navigator.userAgentData bug 1750143, but the webcompat bug report doesn't mention navigator.userAgentData or Firefox's User-Agent string. Is the YouTube page trying to use the navigator.userAgentData API determine whether the user is on a mobile device?

In addition to UA check, there is a check for userAgentData.getHighEntropyValues() specifically (an error is thrown if the function doesn't exist), as well as a check for specific properties:

a = (c = a.navigator) == null ? void 0 : c.userAgentData;
          if (
            !a ||
            typeof a.getHighEntropyValues !== 'function' ||
            a.brands &&
            typeof a.brands.map !== 'function'
          ) return Promise.reject(Error('Cc'));
          c = (a.brands || []).map(
            function (e) {
              var f = new cua;
              f = _.Pn(f, 1, e.brand);
              return _.Pn(f, 2, e.version)
            }
          );
          dua(_.Ln(_.rI, 2, a.mobile), c);
          sI = a.getHighEntropyValues(b)
        }
        var d = new Set(b);
        return sI.then(
          function (e) {
            var f = _.rI.clone();
            d.has('platform') &&
            _.Pn(f, 3, e.platform);
            d.has('platformVersion') &&
            _.Pn(f, 4, e.platformVersion);
            d.has('architecture') &&
            _.Pn(f, 5, e.architecture);
            d.has('model') &&
            _.Pn(f, 6, e.model);
            d.has('uaFullVersion') &&
            _.Pn(f, 7, e.uaFullVersion);
            return f
          }
        ).catch(function () {
          return _.rI.clone()
        })

So changing the UA to Chrome's mobile and shimming this function to return the following makes it bypass the "Check your browser/ verification is not supported video"

{
        "architecture": "",
        "brands": [
            {
                "brand": "Google Chrome",
                "version": "129"
            },
            {
                "brand": "Not=A?Brand",
                "version": "8"
            },
            {
                "brand": "Chromium",
                "version": "129"
            }
        ],
        "mobile": true,
        "model": "SM-G955U",
        "platform": "Android",
        "platformVersion": "8.0.0",
        "uaFullVersion": "129.0.6624.0"
    }

As far as I can tell, there is no check for what the properties are, so if I change "platform": "Android" to be platform "macOS", for example, there are no errors.

In addition to the above, there is a check for requestVideoFrameCallback (it appears to have a patch already though in bug1800882 :) )

if (!('requestVideoFrameCallback' in HTMLVideoElement.prototype)) return a.trigger(Q7, 2),
Flags: needinfo?(kberezina)

(In reply to Master ? [:masterquestionable] from comment #2)

    What's the expected workflow of this procedure?
    Displaying the QR instead? [ As in: https://github.com/webcompat/web-bugs/issues/121839#issuecomment-1538230579 ]

Actual verification is possible only on mobile, so there are 2 scenarios.

On desktop: displaying the QR code that you'd need to scan with a phone camera and it will open a link on your phone (QR code is displayed in Firefox with UA override to Chrome desktop).

On mobile: video verification (needs UA override, userAgentData.getHighEntropyValues, requestVideoFrameCallback to bypass the "not supported screen").

I shimmed the functions from comment3 and tried verification on my phone. It goes through the verification process, tells to position face in the white circle, etc. but then nothing happens. It looks stuck, without any errors.
Could be because I shimmed HTMLVideoElement.prototype.requestVideoFrameCallback to be an empty function, so going to retest this once it gets shipped to fenix.

    So it feels like bad design from Google..?
    What are the really needed to pass the verification? [ Already summarized in Comment 4, 5? ]
    Would patching the problematic functions outright be more preferable?

(In reply to Master ? [:masterquestionable] from comment #6)

    So it feels like bad design from Google..?
    What are the really needed to pass the verification? [ Already summarized in Comment 4, 5? ]
    Would patching the problematic functions outright be more preferable?

I tested it today with requestVideoFrameCallback shipped and was able to submit and pass verification in Firefox. I've reached out to youtube on our mailing list to see if they can add support in Firefox.

Keywords: webcompat:contact-ready, webcompat:needs-diagnosiswebcompat:site-wait
Assignee: nobody → kberezina

Ksenia - any response getting them to allow us to do video verification?

Flags: needinfo?(kberezina)

There was a response in August that the team that owns this feature is tracking the issue internally as b/357878058. I'll keep the ni open to reach out again when requestVideoFrameCallback is shipped to release in 132 (I think it's bug1919367)

You need to log in before you can comment on or make changes to this bug.