Via GPS
"It doesn't work for all websites. After turning on all trackers, m.timesofindia.com kept redirecting to random.org site."
Some thoughts from triage:
FYI: this was also filed for Focus Android on bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1435492
@ekager when you have some cycles away from GV hacking, this may be something to investigate for an hour or two to see if you can suss out anything.
happens to me too with firefox focus.
open the app google news, then open the link from times of india or economic times from the feed then it will redirect most of the time. firefox focus if my default browser.
Successfully reproduced. I started with India's news website TOI and ET and was able to reproduce it with an article from Economic Times (ET).
Here is the link to the article.
A 26 seconds video recorded of replication can be found on this imgur link.
This issue is consistently occurring and can be replicated with some other articles too. Did a search for random.org (and its IP) in the entire source code and found nothing.
(Random.org is hosted behind Cloudflare network and they do not allow opening websites via IP).
This issue needs further investigation.
Firefox Focus 4.0.2 on Redmi device (Also occurring on other devices)
@steptowards Thank you! This is super helpful. With your link I am able to reproduce this! 馃帀
Some observations:
@pocmo These observations are correct.
Awesome investigation @steptowards, what are the next steps to fix it?
Found the issue (possibly)
Indian news websites (TOI and ET) are probably loading an iframe which has an advertisement for a Cricket score app known as Cricbuzz.
When a user scrolls this page (on cache-cleared session), a call to method shouldOverrideUrlLoading results which tries to handle unsupported URL (The comments in the method are very helpful.).
The unsupported URL passed to this method is :
intent://www.colombia-sdk.com/dl#Intent;scheme=http;launchFlags=0x10000010;package=com.cricbuzz.android;component=com.cricbuzz.android/com.til.colombia.dmp.android.PsA;S.browser_fallback_url=http%3A%2F%2Frandom.org;S.id=be28ffe7-cc5e-478e-993b-05ff87cf3cc0-10o78;end
The browser_fallback_url value contains random.org, which gets opened using this handleUnsupportedLink method.
There are two things which are still not understood (need help here) :
Unrelated note : Cricbuzz's parent company Times Internet is a subsidiary of Times of India Group which owns TOI (Times of India) and ET (Economic Times). This could be why the bug reports came mostly from India when users were browsing news articles on these two sites.
The JS loaded on ET was from domain static.clmbtech.com, which on Google search returns colombiaonline.com. The top 2 publisher platforms on its homePage are TOI and ET. The invalid URL intent also has _colombia_ in it.
Most helpful comment
Found the issue (possibly)
Indian news websites (TOI and ET) are probably loading an iframe which has an advertisement for a Cricket score app known as Cricbuzz.
When a user scrolls this page (on cache-cleared session), a call to method shouldOverrideUrlLoading results which tries to handle unsupported URL (The comments in the method are very helpful.).
The unsupported URL passed to this method is :
intent://www.colombia-sdk.com/dl#Intent;scheme=http;launchFlags=0x10000010;package=com.cricbuzz.android;component=com.cricbuzz.android/com.til.colombia.dmp.android.PsA;S.browser_fallback_url=http%3A%2F%2Frandom.org;S.id=be28ffe7-cc5e-478e-993b-05ff87cf3cc0-10o78;endThe browser_fallback_url value contains random.org, which gets opened using this handleUnsupportedLink method.
There are two things which are still not understood (need help here) :
Unrelated note : Cricbuzz's parent company Times Internet is a subsidiary of Times of India Group which owns TOI (Times of India) and ET (Economic Times). This could be why the bug reports came mostly from India when users were browsing news articles on these two sites.
The JS loaded on ET was from domain static.clmbtech.com, which on Google search returns colombiaonline.com. The top 2 publisher platforms on its homePage are TOI and ET. The invalid URL intent also has _colombia_ in it.