Mixed active content error is triggered twice in WebConsole
Categories
(DevTools :: Console, defect, P2)
Tracking
(firefox-esr68 wontfix, firefox-esr78 wontfix, firefox78 wontfix, firefox79 wontfix, firefox80 fixed)
People
(Reporter: cgeorgiu, Assigned: ckerschb)
Details
(Keywords: regression)
Attachments
(2 files)
Affected versions
- latest Nightly 80.0a1
- Beta 79.0b4
- Release 78.0.1
Affected platforms
- Windows 10 x64
- macOS 10.15
- Ubuntu 18.04 x64
Steps to reproduce
- Launch Firefox.
- Navigate to https://very.badssl.com/.
- Open Web Console (Ctrl/CMD + Shift + K).
- Inspect the error displayed in the Web Console, i.e.
Blocked loading mixed active content “http://http.badssl.com/test/imported.js”
.
Expected result
- The error is displayed only once.
Actual result
- The error is displayed twice.
Regression range
This issue seems to be an old regression, please observe below the regression range:
- changeset: edc3e119728a2e86ca1e3b01ff26ed1f7b9fde22
- pushlog_url: https://hg.mozilla.org/integration/autoland/pushloghtml?fromchange=75323c5f1047c579989b6a0dabd8fa29c854c869&tochange=edc3e119728a2e86ca1e3b01ff26ed1f7b9fde22
Bug 1627167- Re-enable Resources API to fetch console messages. r=Honza.
Additional notes
- Please observed the attached screenshot.
- I think this can be marked with a S4 severity.
Reporter | ||
Updated•4 years ago
|
Comment 1•4 years ago
|
||
Ciprian, I think you came up to Bug 1627167 as the offender, but it's only because it was fixing an issue with cached messages that was hiding this issue.
If you go back before Bug 1626286, you'll see the issue again.
For example I tried with a build from 2020-01-01 and I was seeing the issue.
I wonder if the issue is similar to Bug 1645745, Christoph, would you know?
Updated•4 years ago
|
Assignee | ||
Comment 2•4 years ago
|
||
(In reply to Nicolas Chevobbe [:nchevobbe] from comment #1)
I wonder if the issue is similar to Bug 1645745, Christoph, would you know?
Are we observing that problem for all kinds of loads or only for loads we do preloads for? For loads of type script, images... (see IsPreloadTpe for full list) we do perform preloads and it's possible that the preload gets blocked so we then perform an actual load.
For the specific case of http://http.badssl.com/test/imported.js
one could check the internal
content policy type in the loadinfo -> const type = channel.loadInfo.internalContentPolicyType;
and filter based on that. Usually if we block a request twice though, then I think I have seen only one line in the console but then a [2] at the end of the line, not 2 separate lines. Is that an indicator for some other problem?
Comment 3•4 years ago
|
||
(In reply to Christoph Kerschbaumer [:ckerschb] from comment #2)
Are we observing that problem for all kinds of loads or only for loads we do preloads for? For loads of type script, images... (see IsPreloadTpe for full list) we do perform preloads and it's possible that the preload gets blocked so we then perform an actual load.
I think it's only for blocked mixed active content errors (so not for images, we only get warnings for them)
Usually if we block a request twice though, then I think I have seen only one line in the console but then a [2] at the end of the line, not 2 separate lines. Is that an indicator for some other problem?
That's the same issue. The 2
badge you see on the right indicate that the message was repeated 2 times.
In the case of https://very.badssl.com/ , we don't get the "repeat bubble" only because warning messages (hidden in the screenshot) are emitted between the first and second error messages (we only "repeat" messages that come one after the other, except for warning groups, but it's another topic).
Assignee | ||
Comment 4•4 years ago
|
||
Summarizing Nicolas' and my slack conversation:
We concluded what helps here (or at least improves the situation) is not reporting errors to the console for 'preloads' - we do the same for CSP preloads.
Please note that for image loads we might still encounter two entries in the console because the imgLoader explicitly calls the Mixed Content Blocker twice (both times with type image (not preload)), hence we can't distinguish that.
Anyway, not logging preload errors to the console definitely improves the situation here and we should do that.
Assignee | ||
Comment 5•4 years ago
|
||
Assignee | ||
Comment 6•4 years ago
|
||
Pushed by csabou@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/6a1cfdaee9c7 Do not report mixed content errors to the console for preloads. r=nchevobbe
Comment 8•4 years ago
|
||
bugherder |
Updated•4 years ago
|
Reporter | ||
Updated•4 years ago
|
Description
•