Open Bug 1949176 Opened 9 months ago Updated 7 months ago

Blocked dialog displayed when pasting from clipboard after canceling the DLP scan in gsheets

Categories

(Firefox :: Data Loss Prevention, defect, P4)

Product:
Firefox
Component:
Data Loss Prevention
Version:
Firefox 137
Platform:
Desktop
Windows
Type:
defect

Tracking

()

Tracking Flags:
Tracking Status
firefox-esr115 --- unaffected
firefox-esr128 --- unaffected
firefox135 --- unaffected
firefox136 --- unaffected
firefox137 --- disabled
firefox138 --- wontfix

People

(Reporter: bhidecuti, Unassigned)

References

(Blocks 1 open bug, Regression)

Details

(Keywords: enterprise, regression)

Attachments

(1 file)

video showing the issue
1.32 MB, video/mp4
Details
Attached video video showing the issue

Found in

  • 137.0a1 (2025-02-19)

Affected versions

  • 137.0a1

Preconditions

  • Download the DLP test assets from https://drive.google.com/file/d/1yjqVRuxdKV3WnO7D2wzMgDXBuYBxUgVw/view
  • Create a distribution folder inside the Firefox folder and paste the policies-1.json to it and then rename it to policies.json
  • Run the DLP agent in CMD using: .\content_analysis_sdk_agent.exe --user --toblock=.\d{3}-?\d{2}-?\d{4}. --towarn=.warn. --delays=10

Tested platforms

  • Affected platforms: Windows 10/11
  • Unaffected platforms: Ubuntu, macOS

Steps to reproduce

  1. Go to https://drive.google.com/drive/home and open a Google Sheet
  2. Copy any random text and paste it inside the gsheet using ctrl+V (only click once on the desired cell)
  3. Press the “Cancel” button from the “Scan in progress” dialog and observe the behavior

Expected result

  • The scan is canceled and no other dialogs are displayed

Actual result

  • “You’re not permitted to paste this content” dialog is displayed

Regression range

Additional notes

  • See the attached video
  • Not reproducing on other pages (including on other gdocs) or if double-clicking on the cell before pasting
  • The content is allowed in cmd
QA Whiteboard: [QA-2409]

:gstoll, since you are the author of the regressor, bug 1936020, could you take a look? Also, could you set the severity field?

For more information, please visit BugBot documentation.

Flags: needinfo?(gstoll)
Flags: needinfo?(gstoll)
Duplicate of this bug: 1949181

This is hitting the content analysis cache when the page makes additional requests after the WARN response is turned into a BLOCK response by the user. Note that these additional requests are therefore in a separate User Action. We added showing the BLOCK dialog when the cache responds with BLOCK in bug 1936020 to avoid silently blocking things that the user tries to do. These are about additional requests that the page makes on its own -- we can't easily know if the user initiated a specific request but maybe we could show the BLOCK dialog for a cache hit only if some amount of time (like a second) has passed since the last one was shown.

[Tracking Requested - why for this release]: Regression in google docs with a duplicate report, seems potentially like a bad regression.

tracking-firefox137: --- → ?

Tracking for 137 as this is a recent regression affecting gdoc. David, could we get a priority/severity set for this bug to facilitate our regression triage? Thanks!

tracking-firefox137: ?+
Keywords: enterprise
Severity: -- → S4
Priority: -- → P4

The bug is marked as tracked for firefox137 (nightly). We have limited time to fix this, the soft freeze is in a day. However, the bug still isn't assigned, has low priority and has low severity.

:gcp, could you please find an assignee, increase the priority and increase the severity for this tracked bug? Given that it is a regression and we know the cause, we could also simply backout the regressor. If you disagree with the tracking decision, please talk with the release managers.

For more information, please visit BugBot documentation.

Flags: needinfo?(gpascutto)

Greg, you closed the needinfo but didn't triage the bug, comment 4 and 5 are completely misaligned with David setting this P4/S4 (while still leaving this as a tracked bug!).

Can you discuss what the proper priority is and set the P/S/tracking flags appropriately?

Flags: needinfo?(gpascutto) → needinfo?(gstoll)

Sorry about this.

I agree with :handyman that this is a pretty minor issue - it's just an extra dialog, which is potentially annoying. Also, I don't think we'll show this with ShowBlockedResult set to false, which we expect most DLP vendors to set. (since they want to show their own dialogs)

tracking-firefox137: + → ---
Flags: needinfo?(gstoll)

Marking this not block 1882607 due to the problem not occurring when policy setting ShowBlockedResult is set to false. This is the configuration we expect vendors to use so they can show their own block dialogs only.

No longer blocks: 1882607

Set release status flags based on info from the regressing bug 1936020

status-firefox138: --- → affected
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: