Closed Bug 1485641 Opened 6 years ago Closed 4 years ago

The Cart popup is not displayed on www.nvidia.com with Basic Tracking Protection ON

Categories

(Web Compatibility :: Desktop, defect, P3)

Product:
Web Compatibility
Component:
Desktop
Version:
Firefox 62
Platform:
x86_64
Windows 10
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: sergiu, Unassigned)

References

(Blocks 1 open bug,
URL
)

Details

(Whiteboard: [tp-ads][tp-yellowlist-active][tp-storefront])

User Story

api.digitalriver.com
Environment: Operating system: Windows 10 Pro Firefox version: Firefox Nightly 63.0a1 (2018-08-23) (64-bit) Prerequisites: Enable Basic Tracking Protection Steps to reproduce: 1. Navigate to: https://www.nvidia.com/en-us/geforce/graphics-cards/rtx-2080-ti/ 2. Scroll down to the "NVIDIA NVLINK" section. 3. Click on any of the "PRE-ORDER" buttons. Expected Behavior: The Cart popup is displayed. Actual Behavior: An empty overlay is displayed. Notes: 1. Screenshot attached: http://prntscr.com/km0oru
This is related to `trackingprotection` breakage #1101005 Looking at the devtools console, here are the blocked resources: The resource at “https://api.digitalriver.com/v1/shoppers/me/products?callback=jQuery11110611588771646236_1535022433018&format=json&expand=all&locale=en_us&apiKey=9485fa7b159e42edb08a83bde0d83dia&currency=USD&productId=5218984100%2C5218984100%2C5218984400%2C5218984500&_=1535022433019” was blocked because content blocking is enabled.[Learn More] So these are the domains to test: api.digitalriver.com I opened the URL in a fresh browser profile (Firefox Nightly 63, uMatrix installed, normal mode) and loaded the page. Clicked on any of the "PRE-ORDER" buttons. An empty overlay is displayed. I disabled the Spoof Referrer option in uMatrix and then *WHITELISTED*: -api.digitalriver.com After this, the "Cart" overlay was displayed and functional. The other resources didn't help. http://prntscr.com/km0r1g digitalriver.com can be found in the disconnect-blacklist.json and disconnect-entitylist.json. So in conclusion: digitalriver.com - Advertising = [tp-ads]
User Story: (updated)
Whiteboard: [tp-ads]
Product: Tech Evangelism → Web Compatibility

There are of course no "pre-order" buttons anymore, but in basic mode I can click the "add to cart" buttons and the "checkout" button that comes up after that. In strict mode the "checkout" button breaks, forever labelled "checking out...".

I see this in the console upon clicking that button:

The resource at “The resource at “https://api.digitalriver.com/v1/shoppers/me/carts/active/lin…86c825b189a0992c758abe0b860eb66bf36cd6289301&_=1585761505834” was blocked because content blocking is enabled.” was blocked because content blocking is enabled.

I suspect that we ought to not actually block requests to https://api.digitalriver.com/v1/shoppers/me/carts/active/web-checkout, at least in user-activated code, or on vetted shopping sites.

Note that this is another case of Digital River's storefront code not being permitted despite the user actually trying to shop, making this similar to bug 1483201 (though not quite the same).

See Also: → https://bugzilla.mozilla.org/show_bug.cgi?id=1483201
Whiteboard: [tp-ads] → [tp-ads][tp-yellowlist-active][tp-storefront]

This issue was previously verified by my colleague and was not reproduced. With ETP on standard, when reaching the "NVLINK" section of the page, the cart popup is displayed with no issues.

Tested with:
Browser / Version:Firefox Nightly 86.0a1 (2021-01-13)
Operating System: Windows 10 PRO x64

When I tried to reproduce the issue with Standard or Strict, the product is no longer in stock, and it has been like that for a long time.
https://prnt.sc/10na17p

Tested with:
Browser / Version:Firefox Nightly 88.0a1 (2021-03-15)
Operating System: Windows 10 Pro

I'd say we can close the issue as fixed, based on the initial testing.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.