Closed Bug 1694433 Opened 4 years ago Closed 3 years ago

A warning message regarding ads is blocking the navigation of the page at washingtonpost.com with ETP set to STRICT

Categories

(Core :: Privacy: Anti-Tracking, defect, P3)

Desktop
All
defect

VERIFIED FIXED
Tracking Status
firefox91 --- fixed
firefox92 --- fixed
firefox93 --- verified

People

(Reporter: rbucata, Unassigned)

References

(Blocks 1 open bug, )

Details

Attachments

(1 file)

Attached image Screenshot_19.jpg (deleted) —

Environment:
Operating system: Ubuntu 20.4 LTS x64
Firefox version: Firefox Nightly 88.0a1 (2021-02-23)

Preconditions:
ETP set to STRICT

Steps to reproduce:

  1. Navigate to: https://www.washingtonpost.com/opinions/trust-but-verify-an-untrustworthy-political-phrase/2016/03/11/da32fb08-db3b-11e5-891a-4ed04f4213e8_story.html
  2. Click "Browse now" from the "Free" option list.
  3. Select "I agree" option.
  4. Click on "Continue to site".
  5. Observe the page.

Expected Behavior:
The user can navigate the page.

Actual Behavior:
A warning message regarding ads is blocking the navigation of the page.

Notes:

  1. Does not reproduce with ETP set to standard.
  2. Reproducible across all Desktop platforms.

This is part of their paywall code. After looking over their obfuscated code for a while, it turns out that they're checking for service worker support in the "navigator" clause of this code block:

if (_0x5a0edd[_0x2eaf("0x50")] === "safari")
  // snip
else if (_0x5a0edd[_0x2eaf("0x50")] === _0x2eaf("0x55"))
  _0x41f2bc["pv"] = !navigator[_0x2eaf("0xa3")];
else if (window[_0x2eaf("0xa4")] || window[_0x2eaf("0xa5")])
  _0x41f2bc["pv"] = !window["indexedDB"];
else
  _0x41f2bc["pv"] = ![];

If I spoof service worker support (navigator.serviceWorkers = {}) before then, the notice changes to "we noticed that you're blocking ads".

So one part of the fix here would be addressing bug 1320796. Alternatively, we could add a site-specific intervention which ensures that navigator.serviceWorkers is spoofed. That would not really be a great fix if fingerprinting is a concern, and it's plausible that WaPo will move to find another way to determine if Private Browsing is on.

The ad-blocking check itself is a simple XMLHttpRequest for https://securepubads.g.doubleclick.net/gampad/adx?iu=/701/ad-blk&sz=2x1&c=522386401805068&tile=1&u_tz=240, which is a 2x1 tracking pixel, so we could ultimately just shim/redirect similar XMLHttpRequests to a local image. If desirable, we could also sniff the sz variable to block only images that are small enough to look like tracking pixels. This seems worthwhile, though it's possible that WaPo would also move to using a different test here as well, even if we only block the tracking pixels (whether or not their other ads are still displayed).
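The size check suggested in the comment above, sketched as an added example (not code from this bug, from Firefox, or from its shims). The names `parseSizes`, `looksLikeTrackingPixel` and `PIXEL_MAX_SIDE`, the 2-pixel threshold, and the handling of `|`-separated multi-size values are assumptions.

```javascript
// Added example: decide whether an ad request URL asks only for
// pixel-sized creatives, so a shim could answer it with a local image.
const PIXEL_MAX_SIDE = 2; // assumed threshold; the bug only cites a 2x1 pixel

// Parse an "sz" value such as "2x1" or (assumed format) "300x250|728x90".
// Returns an array of [width, height] pairs, or null if anything is malformed.
function parseSizes(sz) {
  if (!sz) return null;
  const sizes = [];
  for (const part of sz.split("|")) {
    const m = /^(\d{1,5})x(\d{1,5})$/.exec(part);
    if (!m) return null;
    sizes.push([Number(m[1]), Number(m[2])]);
  }
  return sizes;
}

function looksLikeTrackingPixel(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return false; // not a URL at all
  }
  // Exact host match: a suffix or substring test would also match look-alike hosts.
  if (url.hostname !== "securepubads.g.doubleclick.net") return false;
  if (!url.pathname.startsWith("/gampad/")) return false;
  const sizes = parseSizes(url.searchParams.get("sz"));
  // A missing or unparseable size is never shimmed; normal blocking still applies.
  if (!sizes) return false;
  // Every requested size must be pixel-sized, otherwise a real ad slot is involved.
  return sizes.every(
    ([w, h]) => w >= 1 && h >= 1 && w <= PIXEL_MAX_SIDE && h <= PIXEL_MAX_SIDE
  );
}

// The first URL is the one quoted in the comment; the rest are constructed samples.
const samples = [
  "https://securepubads.g.doubleclick.net/gampad/adx?iu=/701/ad-blk&sz=2x1&c=522386401805068&tile=1&u_tz=240",
  "https://securepubads.g.doubleclick.net/gampad/adx?iu=/701/x&sz=300x250",
  "https://securepubads.g.doubleclick.net/gampad/adx?iu=/701/x&sz=1x1|300x250",
];
for (const s of samples) console.log(looksLikeTrackingPixel(s), s);
```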

No longer depends on: 1713693

Reproduced this on Nightly 89.0a1 (20210329214331) on Ubuntu 20.04.
I can no longer reproduce this issue on the latest Nightly 93.0a1 nor on the latest Firefox 92 beta 1 - the ads warning is no longer displayed.
Tested with Strict Mode ON on macOS Big Sur 11.5, Ubuntu 20.04 x64 and Windows 10 x64.

Tom, considering this is no longer repro, can it be closed? Thanks!

Flags: needinfo?(twisniewski)

I was not able to reproduce this issue on the 8/23 Nightly build with GV 93.0a1, on Lenovo Tab M10 (Android 10).
I'll close it as fixed.

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Status: RESOLVED → VERIFIED

[spoof navigator.serviceWorkers] That would not really be a great fix if fingerprinting is a concern

FYI: for future reference, if it's just for one or a few sites (and universally applied for all ETP shim users), then it's not going to be useful for fingerprinters at all. And FWIW, PB mode and service workers are not stable fingerprint metrics.

That, and I'm not sure how it would add any entropy for fingerprinters as long as all users of PB mode spoof exactly the same way (just like how it is right now with every such user not having navigator.serviceWorkers).

Flags: needinfo?(twisniewski)