Sign up form is not displayed on talkwalker.com while Tracking Protection Basic is enabled
Categories
(Web Compatibility :: Desktop, defect, P1)
Tracking
(Not tracked)
People
(Reporter: oanaarbuzov, Unassigned)
References
(Blocks 2 open bugs, )
Details
(Whiteboard: [webcompat][tp-ads][tp-yellowlist-active][tp-site-severe][tp-shim-complex])
User Story
marketo.com
Attachments
(1 file)
(deleted),
image/png
|
Details |
Reporter | ||
Comment 1•6 years ago
|
||
Reporter | ||
Comment 2•6 years ago
|
||
Reporter | ||
Updated•6 years ago
|
Updated•6 years ago
|
Updated•6 years ago
|
Assignee | ||
Updated•6 years ago
|
Comment 3•6 years ago
|
||
Migrating Webcompat whiteboard priorities to project flags. See bug 1547409.
Comment 4•6 years ago
|
||
See bug 1547409. Migrating whiteboard priority tags to program flags.
Updated•5 years ago
|
Comment 5•5 years ago
|
||
I see this in the console when TP mode breaks the page: MktoForms2 is not defined
Marketo Forms may not be easy to spoof, as it is a framework for making these kinds of sign-up forms.
But these are the blocked scripts:
https://app-lon05.marketo.com/js/forms2/js/forms2.min.js
https://munchkin.marketo.net/munchkin.js
And the sign-up form seems to work fine if I block just the Munchkin, which seems to be the tracking component:
var doAjaxSubmit = function (){
var values = pub.getValues();
if(window.Munchkin){
try{
window.Munchkin.createTrackingCookie(true);
}catch(e){
//For IE 7
}
}
So I'm not sure if we even need to block forms2.js
, since I don't see anything terribly fishy in it aside from that attempt to call Munchkin, and even with access to cookies/storage being blocked, I was able to sign up. So it may just be good enough for us to un-block that one script, leaving the other blocking intact. If it's not, we could always put the effort into creating a custom forms2.js version to spoof with, which does not include anything we feel is suspicious (note they currently have an unminified version up at https://app-lon05.marketo.com/js/forms2/js/forms2.js
).
Comment 7•5 years ago
|
||
By using urlclassifier.trackingSkipURLs
, I see that for the page to work, the forms2.min.js
must be allowed, and also the corresponding request to:
https://app-lon05.marketo.com/index.php/form/getForm?munchkinId=538-DCX-400&form=84&url=https%3A%2F%2Fwww.talkwalker.com%2Ffree-demo&callback=jQuery112408598523865987148_1585790062392&_=1585790062393
The munchkinId
parameter is necessary, and is specific to the Marketo instance and not the visitor, so we ought to be safe in whitelisting getForm
(as long as we continue blocking the visitor-specific munchkin.js
).
Comment 10•5 years ago
|
||
This is also affecting Amazon Pay's business account sign-up page, https://pay.amazon.com/signup
. I similarly had to yellowlist these resources for the form to appear there:
https://app-lon06.marketo.com/js/forms2/js/forms2.min.js
https://app-lon06.marketo.com/index.php/form/getForm
Edit: the form no longer appears to use Marketo.
Updated•5 years ago
|
Updated•5 years ago
|
Updated•5 years ago
|
Reporter | ||
Comment 12•4 years ago
|
||
The form it displayed with ETP - Standard.
https://prnt.sc/w3bbuq
Note: The form is not displayed with ETP - Strict (https://prnt.sc/w3bbj7).
Tested with:
Browser / Version: Firefox Nightly 86.0a1 (2020-12-14)
Operating System: Windows 10 Pro
Description
•