Closed Bug 667818 Opened 14 years ago Closed 14 years ago

Can't login to Bankwest net banking with Firefox in Ubuntu

Categories

(Core :: Networking: Cookies, defect)

Product:
Core
Component:
Networking: Cookies
Version:
5 Branch
Platform:
x86_64
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla8
Tracking Flags:
Tracking Status
firefox6 --- fixed
firefox7 --- fixed

People

(Reporter: spamifuwill, Assigned: bzbarsky)

Details

(Whiteboard: [qa-])

Attachments

(3 files, 1 obsolete file)

Ubuntu cookie log (problem environment)
10.33 KB, text/plain
Details
Windows Cookie log (working environment)
6.73 KB, text/plain
Details
Fix
4.61 KB, patch
dwitte
: review+
christian
: approval-mozilla-aurora+
christian
: approval-mozilla-beta+
Details | Diff | Splinter Review
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0 Build ID: 20110622232440 Steps to reproduce: Attempt to log into Bankwest net banking (after a successful login & logout) by visit http://www.bankwest.com.au and click 'Online Banking - Personal' or directly go to 'https://ibs.bankwest.com.au/BWLogin/rib.aspx', and type in username (Personal Access Number) and password (Secure Code) and click login. Troubleshooting information: Application Basics Name Firefox Version 5.0 User Agent Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0 Profile Directory Open Containing Folder Enabled Plugins about:plugins Build Configuration about:buildconfig Extensions Name Version Enabled ID Global Menu Bar integration 1.0.6 true globalmenu@ubuntu.com Ubuntu Firefox Modifications 0.9.1 true ubufox@ubuntu.com Adblock Plus 1.3.8 false {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} DownThemAll! 2.0.7 false {DDC359D1-844A-42a7-9AA1-88A850A938A8} Firebug 1.7.3 false firebug@software.joehewitt.com Firecookie 1.2.1 false firecookie@janodvarko.cz Flash Video Downloader - Youtube Downloader 2.0.24 false artur.dubovoy@gmail.com Net Usage Item 1.2.310 false {DA1B0AB5-7DD3-4066-BC2A-64AABBDD0A8B} nzbdStatus 1.0.15.1 false sabnzbdstatus@dq5studios.com Sothink Web Video Downloader for Firefox 6.1 false {FCAB6FDD-5585-425b-95C1-5ED856F3FD08} Modified Preferences Name Value accessibility.typeaheadfind.flashBar 0 browser.places.importBookmarksHTML false browser.places.smartBookmarksVersion 2 browser.startup.homepage_override.buildID 20110622232440 browser.startup.homepage_override.mstone rv:5.0 extensions.lastAppVersion 5.0 font.minimum-size.x-western 12 font.size.fixed.x-western 14 font.size.variable.x-western 14 network.cookie.prefsMigrated true places.database.lastMaintenance 1309143741 places.history.expiration.transient_current_max_pages 118375 places.last_vacuum 1306229690 print.print_printer Print to File print.printer_PostScript/default.print_bgcolor false print.printer_PostScript/default.print_bgimages false print.printer_PostScript/default.print_colorspace default print.printer_PostScript/default.print_command lpr ${MOZ_PRINTER_NAME:+-P"$MOZ_PRINTER_NAME"} print.printer_PostScript/default.print_downloadfonts false print.printer_PostScript/default.print_edge_bottom 0 print.printer_PostScript/default.print_edge_left 0 print.printer_PostScript/default.print_edge_right 0 print.printer_PostScript/default.print_edge_top 0 print.printer_PostScript/default.print_evenpages true print.printer_PostScript/default.print_footercenter print.printer_PostScript/default.print_footerleft &PT print.printer_PostScript/default.print_footerright &D print.printer_PostScript/default.print_headercenter print.printer_PostScript/default.print_headerleft &T print.printer_PostScript/default.print_headerright &U print.printer_PostScript/default.print_in_color true print.printer_PostScript/default.print_margin_bottom 0.5 print.printer_PostScript/default.print_margin_left 0.5 print.printer_PostScript/default.print_margin_right 0.5 print.printer_PostScript/default.print_margin_top 0.5 print.printer_PostScript/default.print_oddpages true print.printer_PostScript/default.print_orientation 0 print.printer_PostScript/default.print_page_delay 50 print.printer_PostScript/default.print_paper_data 0 print.printer_PostScript/default.print_paper_height 279.40 print.printer_PostScript/default.print_paper_name na_letter print.printer_PostScript/default.print_paper_size_type 1 print.printer_PostScript/default.print_paper_size_unit 1 print.printer_PostScript/default.print_paper_width 215.90 print.printer_PostScript/default.print_plex_name default print.printer_PostScript/default.print_resolution_name default print.printer_PostScript/default.print_reversed false print.printer_PostScript/default.print_scaling 1.00 print.printer_PostScript/default.print_shrink_to_fit true print.printer_PostScript/default.print_to_file false print.printer_PostScript/default.print_unwriteable_margin_bottom 56 print.printer_PostScript/default.print_unwriteable_margin_left 25 print.printer_PostScript/default.print_unwriteable_margin_right 25 print.printer_PostScript/default.print_unwriteable_margin_top 25 print.printer_Print_to_File.print_bgcolor false print.printer_Print_to_File.print_bgimages false print.printer_Print_to_File.print_colorspace default print.printer_Print_to_File.print_command lpr ${MOZ_PRINTER_NAME:+-P"$MOZ_PRINTER_NAME"} print.printer_Print_to_File.print_downloadfonts false print.printer_Print_to_File.print_edge_bottom 0 print.printer_Print_to_File.print_edge_left 0 print.printer_Print_to_File.print_edge_right 0 print.printer_Print_to_File.print_edge_top 0 print.printer_Print_to_File.print_evenpages true print.printer_Print_to_File.print_footercenter print.printer_Print_to_File.print_footerleft &PT print.printer_Print_to_File.print_footerright &D print.printer_Print_to_File.print_headercenter print.printer_Print_to_File.print_headerleft &T print.printer_Print_to_File.print_headerright &U print.printer_Print_to_File.print_in_color true print.printer_Print_to_File.print_margin_bottom 0.5 print.printer_Print_to_File.print_margin_left 0.5 print.printer_Print_to_File.print_margin_right 0.5 print.printer_Print_to_File.print_margin_top 0.5 print.printer_Print_to_File.print_oddpages true print.printer_Print_to_File.print_orientation 0 print.printer_Print_to_File.print_page_delay 50 print.printer_Print_to_File.print_paper_data 0 print.printer_Print_to_File.print_paper_height 279.40 print.printer_Print_to_File.print_paper_name na_letter print.printer_Print_to_File.print_paper_size_type 1 print.printer_Print_to_File.print_paper_size_unit 1 print.printer_Print_to_File.print_paper_width 215.90 print.printer_Print_to_File.print_plex_name default print.printer_Print_to_File.print_resolution_name default print.printer_Print_to_File.print_reversed false print.printer_Print_to_File.print_scaling 1.00 print.printer_Print_to_File.print_shrink_to_fit true print.printer_Print_to_File.print_to_file false print.printer_Print_to_File.print_unwriteable_margin_bottom 56 print.printer_Print_to_File.print_unwriteable_margin_left 25 print.printer_Print_to_File.print_unwriteable_margin_right 25 print.printer_Print_to_File.print_unwriteable_margin_top 25 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_colorspace false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_downloadfonts false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_jobtitle false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_num_copies true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_orientation true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_paper_size true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_plex false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_printincolor true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_resolution false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.can_change_spoolercommand false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.colorspace.0.name default print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.colorspace.count 1 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.has_special_printerfeatures true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.orientation.0.name portrait print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.orientation.1.name landscape print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.orientation.count 2 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.0.height_mm 210 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.0.is_inch false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.0.name A5 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.0.width_mm 148 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.1.height_mm 297 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.1.is_inch false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.1.name A4 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.1.width_mm 210 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.2.height_mm 420 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.2.is_inch false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.2.name A3 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.2.width_mm 297 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.3.height_mm 279 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.3.is_inch true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.3.name Letter print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.3.width_mm 215 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.4.height_mm 355 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.4.is_inch true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.4.name Legal print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.4.width_mm 215 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.5.height_mm 431 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.5.is_inch true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.5.name Tabloid print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.5.width_mm 279 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.6.height_mm 254 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.6.is_inch true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.6.name Executive print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.6.width_mm 190 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.paper.count 7 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.plex.0.name default print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.plex.count 1 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.resolution.0.name default print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.resolution.count 1 print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_colorspace_change false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_downloadfonts_change false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_jobtitle_change false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_orientation_change true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_paper_size_change true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_plex_change false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_printincolor_change true print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_resolution_change false print.tmp.printerfeatures.CUPS/iP1600-TurboPrint.supports_spoolercommand_change false print.tmp.printerfeatures.PostScript/default.can_change_colorspace false print.tmp.printerfeatures.PostScript/default.can_change_downloadfonts false print.tmp.printerfeatures.PostScript/default.can_change_jobtitle false print.tmp.printerfeatures.PostScript/default.can_change_num_copies true print.tmp.printerfeatures.PostScript/default.can_change_orientation true print.tmp.printerfeatures.PostScript/default.can_change_paper_size true print.tmp.printerfeatures.PostScript/default.can_change_plex false print.tmp.printerfeatures.PostScript/default.can_change_printincolor true print.tmp.printerfeatures.PostScript/default.can_change_resolution false print.tmp.printerfeatures.PostScript/default.can_change_spoolercommand true print.tmp.printerfeatures.PostScript/default.colorspace.0.name default print.tmp.printerfeatures.PostScript/default.colorspace.count 1 print.tmp.printerfeatures.PostScript/default.has_special_printerfeatures true print.tmp.printerfeatures.PostScript/default.orientation.0.name portrait print.tmp.printerfeatures.PostScript/default.orientation.1.name landscape print.tmp.printerfeatures.PostScript/default.orientation.count 2 print.tmp.printerfeatures.PostScript/default.paper.0.height_mm 210 print.tmp.printerfeatures.PostScript/default.paper.0.is_inch false print.tmp.printerfeatures.PostScript/default.paper.0.name A5 print.tmp.printerfeatures.PostScript/default.paper.0.width_mm 148 print.tmp.printerfeatures.PostScript/default.paper.1.height_mm 297 print.tmp.printerfeatures.PostScript/default.paper.1.is_inch false print.tmp.printerfeatures.PostScript/default.paper.1.name A4 print.tmp.printerfeatures.PostScript/default.paper.1.width_mm 210 print.tmp.printerfeatures.PostScript/default.paper.2.height_mm 420 print.tmp.printerfeatures.PostScript/default.paper.2.is_inch false print.tmp.printerfeatures.PostScript/default.paper.2.name A3 print.tmp.printerfeatures.PostScript/default.paper.2.width_mm 297 print.tmp.printerfeatures.PostScript/default.paper.3.height_mm 279 print.tmp.printerfeatures.PostScript/default.paper.3.is_inch true print.tmp.printerfeatures.PostScript/default.paper.3.name Letter print.tmp.printerfeatures.PostScript/default.paper.3.width_mm 215 print.tmp.printerfeatures.PostScript/default.paper.4.height_mm 355 print.tmp.printerfeatures.PostScript/default.paper.4.is_inch true print.tmp.printerfeatures.PostScript/default.paper.4.name Legal print.tmp.printerfeatures.PostScript/default.paper.4.width_mm 215 print.tmp.printerfeatures.PostScript/default.paper.5.height_mm 431 print.tmp.printerfeatures.PostScript/default.paper.5.is_inch true print.tmp.printerfeatures.PostScript/default.paper.5.name Tabloid print.tmp.printerfeatures.PostScript/default.paper.5.width_mm 279 print.tmp.printerfeatures.PostScript/default.paper.6.height_mm 254 print.tmp.printerfeatures.PostScript/default.paper.6.is_inch true print.tmp.printerfeatures.PostScript/default.paper.6.name Executive print.tmp.printerfeatures.PostScript/default.paper.6.width_mm 190 print.tmp.printerfeatures.PostScript/default.paper.count 7 print.tmp.printerfeatures.PostScript/default.plex.0.name default print.tmp.printerfeatures.PostScript/default.plex.count 1 print.tmp.printerfeatures.PostScript/default.resolution.0.name default print.tmp.printerfeatures.PostScript/default.resolution.count 1 print.tmp.printerfeatures.PostScript/default.supports_colorspace_change false print.tmp.printerfeatures.PostScript/default.supports_downloadfonts_change false print.tmp.printerfeatures.PostScript/default.supports_jobtitle_change false print.tmp.printerfeatures.PostScript/default.supports_orientation_change true print.tmp.printerfeatures.PostScript/default.supports_paper_size_change true print.tmp.printerfeatures.PostScript/default.supports_plex_change false print.tmp.printerfeatures.PostScript/default.supports_printincolor_change true print.tmp.printerfeatures.PostScript/default.supports_resolution_change false print.tmp.printerfeatures.PostScript/default.supports_spoolercommand_change true privacy.cpd.cache false privacy.cpd.downloads false privacy.cpd.formdata false privacy.cpd.history false privacy.cpd.sessions false privacy.sanitize.migrateFx3Prefs true privacy.sanitize.timeSpan 0 security.warn_viewing_mixed.show_once false Graphics GPU Accelerated Windows 0/1 Actual results: Does not login, instead shows time out error: "Your Internet Banking session has been timed out. Please log on." Try login again, still does not login and this time with no error message. Expected results: The cookies from ibs.bankwest.com.au for the first (successful login) session should have been cleared at end of session but they are not. I can successfully login if I delete these two cookies: RdeContextID=; expires=Invalid Date; path=/; domain=ibs.bankwest.com.au ONTCred=; expires=Invalid Date; path=/; domain=ibs.bankwest.com.au; HttpOnly I have reported this bug to BankWest customer service with no more help than a stock answer of "clear your cookies" from them saying they only support Internet Explorer. This bug does not occur in Chrome in the same Ubuntu (Natty) installation. This bug is also discussed at https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/537293 where it is reported to occur only in Ubuntu 10.04+ and Fedora14, so far.
OS: Other → Linux
Session cookies will be deleted when the session is over and that happens if you close Firefox. There is a difference between the session between Gecko and IE and probably Chrome. Each IE window is a different session. The bank should however clear the stored cookies if you logout. Could you attach a cookie log ? https://developer.mozilla.org/en/Creating_a_Cookie_Log But be careful, I don't know which information are stored in the cookies.
Attached file cookie log (obsolete) —
Checked cookie-log for sensitive information - IP address and password may be in one of the hashes, but I have a dynamic IP and I changed the password as a pre-caution.
Cookie-log generated by reproducing bug as stated above (started at www.bankwest.com.au). Also tried closing firefox to end the session but cookie is not being cleared. Is this a Firefox bug or a Bankwest bug? I will produce more info as needed. Thank you very much for your debug effort.
Hey Guys, This bug affects me also but I guess it's worth explicitly pointing out that when using the same version of Firefox on Windows and repeating the same steps there bug does not occur. For this reason, I'm lead to believe there is some kind of difference between Ubuntu Firefox cookie handling compared to Windows Firefox cookie handling. Given the Bankwest sites works with all other mainstream browsers (including Firefox in Windows) it's unlikely to be a bankwest website problem. If anyone needs any additional logs or anything from me please let me know.
There are a few times : expires=Mon, 29-Jun-1981 03:02:10 GMT rejected because cookie has already expired and they set cookies like this : expires: Sun Dec 31 15:59:59 1899 GMT Could you get problems because that before unix time zero ? Can you please try this : Try without addons: http://support.mozilla.com/en-US/kb/Safe+Mode Try a Mozilla.org binary build :ftp://ftp.mozilla.org/pub/firefox/releases/5.0/ Create a windows cookie log with the exact same steps NEW because we have multiple people with this problem
Status: UNCONFIRMED → NEW
Component: General → Networking: Cookies
Ever confirmed: true
Product: Firefox → Core
QA Contact: general → networking.cookies
Are people seeing this on Nightly or on Aurora? Or just on Firefox 5? This seems like something that bug 659569 or bug 618835 might have fixed...
Hey guys - I don't think it's the same bug as those other ones. This bug only appears to affect Linux users and it isn't resolved after restarting firefox. My guess is that matti is right in there is some kind of inconisitency between platform behavior due to the way dates are handled. The clarify - although this bug has only just been reported I've been experiencing it for 2 years now. So it's not something that has just shown up in v5. I hope to get some time later this week to send through some cookie logs highlighting the difference between Linux and windows cookie behavior. Watch this space.
Hey Guys, Sorry this took me a while. I feel a little uncomfortable attaching the entire raw cookie log files for security reasons. Replacing all the hashes etc. would have taken me a long time as there are lots of them. So what I've done is provided partial logs at a key point where I think the problem is likely to be visible - the Logout website event + the request of the login page for the 2nd time. I've also replaced all hashes etc. for security reasons. The file names are named: 1. cookie-log-ubuntu01-(copy)-logout-part.txt 2. cookie-log-windows01-(copy)-logout-part.txt The big difference I notice when I do a compare between the two files is the Working Windows version has cookie rejections for these reasons: "rejected because previously stored cookie was deleted" "rejected because cookie has already expired" The ubuntu log has non of these such rejections. But to drill down even closer to the problem you can see that the Ubuntu firefox accepts a cookie "name: ASP.NET_SessionId" cookie that expires "expires: Sun Dec 31 15:59:59 1899 GMT". Where as the windows version doesn't accept it stating "rejected because cookie has already expired". This sounds like the issue to me given the symptoms when you go to login after just logging out in Ubuntu you receive the error saying session expired. Thoughts? Is this a Linux time issue?
This part from the Windows log is fishy: 0[62f140]: ===== COOKIE NOT ACCEPTED ===== 0[62f140]: request URL: https://ibs.bankwest.com.au/CmWeb/Logout.aspx 0[62f140]: cookie string: ASP.NET_SessionId=; expires=Sun, 31-Dec-1899 16:00:00 GMT; path=/ ONTCred=; expires=Sun, 31-Dec-1899 16:00:00 GMT; path=/ SIGNOUT_URL=http%3a%2f%2fwww.bankwest.com.au%2fspecial_pages%2fIBS_Pages%2fIBS_Logout.asp%3fServiceType%3dBOBBWA; path=/ RdeContextID=; expires=Sun, 31-Dec-1899 16:00:00 GMT; path=/ ONTCred=ONTCred_replaced668; path=/; domain=ibs.bankwest.com.au; secure 0[62f140]: current time: Sat Jul 09 04:43:14 2011 GMT 0[62f140]: rejected because previously stored cookie was deleted 0[62f140]: 0[62f140]: ===== COOKIE NOT ACCEPTED ===== 0[62f140]: request URL: https://ibs.bankwest.com.au/CmWeb/Logout.aspx 0[62f140]: cookie string: ONTCred=; expires=Sun, 31-Dec-1899 16:00:00 GMT; path=/ SIGNOUT_URL=http%3a%2f%2fwww.bankwest.com.au%2fspecial_pages%2fIBS_Pages%2fIBS_Logout.asp%3fServiceType%3dBOBBWA; path=/ RdeContextID=; expires=Sun, 31-Dec-1899 16:00:00 GMT; path=/ ONTCred=ONTCred_replaced668; path=/; domain=ibs.bankwest.com.au; secure 0[62f140]: current time: Sat Jul 09 04:43:14 2011 GMT 0[62f140]: rejected because cookie has already expired (the Linux log accepts both cookies). Why is there the deleted thing going on on Windows? Does that part happen with clean profiles? In any case, the "ONTCred=" cookie with the same date is rejected on Windows but accepted on Linux.....
I don't have any answers to your questions but even if Windows is doing fishy things somehow it ends up working for this website just like IE, Chrome, etc. Firefox on Linux is the only browser that seems to have issues with this site :( Also, I should have said that I captured the cookie logs by starting firefox (both windows & ubuntu) with the following command line options -private ( Disables extensions and themes for this session.) -safe-mode ( Disables extensions and themes for this session.) Versions of firefox are below but I don't think these are major factors given this problem has been around for years Ubuntu Firefox: 5.0+build1+nobinonly-0ubuntu0.11.04.2 Windows Firefox: 5.0
Maybe I should have been clearer: 1) Does the Windows login still work with a clean profile? (Not just safe mode; an actual clean profile.) 2) Does the Linux login still fail with a clean profile? 3) Just to make sure, does the Linux login still fail with a mozilla.org build?
Hey Boris, 1) The problem never exists in Windows - with our without a clean profile 2) The problem always exists in Linux - with or without a clean profile 3) I've never tried this. As Angus said above this also affects Fedora users. But if you can provide a link to a download a mozilla.org build or some instructions I can give that a try. Here are the test steps I did with the clean profile 1. Go to https://ibs.bankwest.com.au/BWLogin/rib.aspx (loads fine Win/Linux) 2. Login (loads fine Win/Linux) 3. Logout (logout works Win/Linux) 4. Go to https://ibs.bankwest.com.au/BWLogin/rib.aspx (loads fine Win/Linux) 5. Login (works Win... Fails linux saying session expired).
You can get a mozilla.org build of Firefox 5 at http://releases.mozilla.org/pub/mozilla.org/firefox/releases/5.0/linux-i686/en-US/firefox-5.0.tar.bz2 Just untar somewhere (in /tmp) and then run. If you want to try a current nightly instead (which you should _definitely_ make sure you run against a profile that's not your normal browsing profile), it's at http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/latest-trunk/firefox-8.0a1.en-US.linux-i686.tar.bz2
Well there you go. I ran through the test case with both the mozilla.org build of Firefox 5 as well as the Firefox Nightly 8.0a1 and for both the website worked correctly by allowing me to log in and out as many times as I wanted to. Nice pickup Boris. What does this mean exactly? Would ubuntu be modifying the build so much that they change the way cookies work?
Thanks Matti & Boris. I can confirm success with the mozilla.org build of Firefox 5 and Nightly 8.0a1. I am very pleased to use the mozilla.org build. I also have success with my profile from the Ubuntu build of Firefox 5, of course with most extensions not loading in the Nightly build. I will notify the Ubuntu team about this problem.
Umm bug replicated with the x86_64 mozilla.org build at http://releases.mozilla.org/pub/mozilla.org/firefox/releases/5.0/linux-x86_64/en-US/firefox-5.0.tar.bz2 Why would x86_64 build not function correctly when I'm running an Intel(R) Core(TM) i5 CPU M 480?
I too am running 64bit ubuntu with an Intel(R) Core (TM) i7 Q720. Which confirms it seems to be a 64bit issue.
Ah, 64-bit vs 32-bit at least explains why it works on Windows builds (which are 32-bit). I bet that plus comment 5 explains what's going on. The 1899 date is actually expressible in a 64-bit build, and comes before 1981. But in a 32-bit build, 1899 would underflow to 2036 or so, which is after 1981.
Hardware: All → x86_64
Except wait. That doesn't match comment 11. Digging some more.
Ok, I think I know what's going on here. The issue, I will bet, is this code in nsCookieService::GetExpiry: 3276 delta = expires / PR_USEC_PER_SEC - aServerTime; ... 3285 aCookieAttributes.expiryTime = aCurrentTime + delta; The key issue is what types the variables are. |expires| is a PRTime, which is a typedef for PRInt64, which is "long" if sizeof(long) == 8, and "long long" otherwise (well, or __int64 on Windows, but that doesn't matter). aServerTime is a PRInt64. The expiryTime member we're setting is a PRInt64. The wrench in the works is that PR_USEC_PER_SEC is a macro that expands to 1000000UL (unsigned long constant). So now say |expires| is negative (as it is here). What happens when dividing by PR_USEC_PER_SEC? That depends on whether a 64-bit signed int can represent all the values of unsigned long. If it can (e.g. 32-bit builds) then the unsigned long is promoted to 64-bit signed int and the division is performed. In this case that means the answer is negative. But if it cannot (64-bit builds on Linux, where long is 8-bit) then both arguments are converted to 64-bit unsigned integers and the division is performed on those; the answer of course ends up _positive_. So summary: PR_USEC_PER_SEC being unsigned is nuts, and that may be causing the problem here. Let me try fixing that and seeing whether it fixes this bug.
There are builds with a proposed fix for this bug at https://ftp.mozilla.org/pub/mozilla.org/firefox/try-builds/bzbarsky@mozilla.com-fe499385fdc1/try-linux64/ Brent, Angus, would you be willing to try them out?
Attached patch FixSplinter Review
Angus, thank you for testing that
Attachment #547594 - Flags: review?(dwitte)
Assignee: nobody → bzbarsky
Whiteboard: [need review]
Thank you Boris for your bug-zapping efforts. Do you expect to see this corrected code in the Ubuntu x86_64 build in the near future?
Angus, I'm not quite sure what Ubuntu's current update policy is, but I expect this to ship in an official mozilla.org release, if everything goes right, in early November (maybe late September if we backport to Aurora). I would guess it would appear in the Ubuntu builds around then too.
Hey Guys, I tried to test by downloading https://ftp.mozilla.org/pub/mozilla.org/firefox/try-builds/bzbarsky@mozilla.com-fe499385fdc1/try-linux64/firefox-8.0a1.en-US.linux-x86_64.tar.bz2 but for some reason when I went to execute the firefox executable it just did nothing. Firefox never even opened. So not sure what I've done wrong but if it's worked for Angus my guess is the bug is fixed. Many thanks Boris for your efforts! Greatly appreciated.
Got the build to run and the bug is fixed for me. Thanks again.
Comment on attachment 547594 [details] [diff] [review] Fix r=dwitte
Attachment #547594 - Flags: review?(dwitte) → review+
Whiteboard: [need review] → [need landing]
http://hg.mozilla.org/integration/mozilla-inbound/rev/2429a81db426
Flags: in-testsuite+
Whiteboard: [need landing]
Target Milestone: --- → mozilla8
Comment on attachment 547594 [details] [diff] [review] Fix This is a pretty safe fix that only affects 64-bit builds (so Mac and Linux only) and fixes an obvious bug in the cookie code's date handling there. I think we should take this on Aurora and at least consider taking this on Beta, since it's keeping some users from doing online banking... That said, this is not a regression from Fx5, so I can understand it if we decide to not take it on the branches.
Attachment #547594 - Flags: approval-mozilla-beta?
Attachment #547594 - Flags: approval-mozilla-aurora?
Comment on attachment 547594 [details] [diff] [review] Fix Approved for mozilla-aurora and mozilla-beta. Please land asap.
Attachment #547594 - Flags: approval-mozilla-beta?
Attachment #547594 - Flags: approval-mozilla-beta+
Attachment #547594 - Flags: approval-mozilla-aurora?
Attachment #547594 - Flags: approval-mozilla-aurora+
http://hg.mozilla.org/mozilla-central/rev/2429a81db426
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Comment on attachment 542721 [details] cookie log DELETED
Attachment #542721 - Attachment is obsolete: true
qa+ for verification on Firefox 7
Whiteboard: [qa+]
Setting to qa? as a Personal Access Number and a Secure Code at Bankwest is needed to verify this issue.
Whiteboard: [qa+] → [qa?]
(In reply to Virgil Dicu [QA] from comment #38) > Setting to qa? as a Personal Access Number and a Secure Code at Bankwest is > needed to verify this issue. Given that information, I think QA will not be able to verify this fix. Angus, can you please test if this is now fixed for you in Firefox 7?
Whiteboard: [qa?] → [qa-]
I'm happy to give this a test. What release should I use? When I look in http://releases.mozilla.org/pub/mozilla.org/firefox/releases/latest/linux-x86_64/en-US/ All i can see is version 6 not 7.
If you wish to verify, you can use this build (the release candidate for Firefox 7-the official release is coming soon): ftp://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/7.0-candidates/build2
Hey Everyone, TEST PASSED for Firefox 7. I just tested with this release ftp://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/7.0-candidates/build2/linux-x86_64/en-US/firefox-7.0.tar.bz2 and I couldn't replicate the bug. So all looks good to me. Thanks everyone.
Verified fixed based on comment 42. Thanks!
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: