Netlify-cms: [Firefox] Unable to login to github from admin when "privacy.firstparty.isolate" flag is true
- Do you want to request a feature or report a bug?
This is a undocumented behavior.
- What is the current behavior?
When using Firefox with the "privacy.firstparty.isolate" flag set to true (in about:config), I'm unable to login.
- If the current behavior is a bug, please provide the steps to reproduce.
- Open Firefox
- Go to "about:config" in the address bar. Change the value of the key "privacy.firstparty.isolate" to true.
- Go to your Netlify CMS back-end (for example: http(s)://yourdomain.com/admin)
- Click on "Login"
A pop-up will open, asking for authorization. After authorization is complete, the pop-up won't close by itself nor you access the back-end on the main frame.
- What is the expected behavior?
It is kinda expeted behavior but perhaps it needs to be detected to warn the user.
- Please mention your CMS, node.js, and operating system version.
Netlify CMS version 1.0.3
- Please link or paste your config.yml below if applicable.
No need.
borisschapira
All 9 comments
I wonder if this is the case when using the git-gateway. @borisschapira were you using git-gateway or github for the backend.name in the config.yml?
talves
on 19 Jan 2018
@talves Github (project: https://github.com/DaughtersOfCharity/oasis/)
borisschapira
on 19 Jan 2018
@borisschapira Can you check for errors in your browser console,on both the CMS window and the authentication popup?
tech4him1
on 19 Jan 2018
My Firefox is in french, so I've got in the main window:
Impossible d鈥檈x茅cuter 芦 postMessage 禄 sur 芦 DOMWindow 禄 : l鈥檕rigine cible fournie (芦 https://api.netlify.com 禄) ne correspond pas 脿 l鈥檕rigine de la fen锚tre du destinataire (芦 https://api.netlify.com 禄).
which roughly translates to:
Unable to execute "postMessage" on "DOMWindow": the provided target origin ("https://api.netlify.com") does not match the origin of the recipient window ("https://api.netlify.com").
As this is an experimental features, I wouldn't spend more time on it. If someone comes back with the same kind of problem, you'll be aware.
borisschapira
on 19 Jan 2018
@borisschapira Yes, agreed, thank you for reporting!
Taking a quick look at the docs on that experimental setting, I'm guessing you should be able to fix this by also setting privacy.firstparty.isolate.restrict_opener_access to false in your FireFox config.
tech4him1
on 20 Jan 2018
Hello
I have the same problem: I can't even log in to https://app.netlify.com/. I'm redirected on a page saying "Authorized", but there is no further redirection to the actual https://app.netlify.com/. And re-entering this url force me to re-log in.
This problem is happening with Firefox Quantum while Chrome has no problem.
Both:
privacy.firstparty.isolate
And:
privacy.firstparty.isolate.restrict_opener_access
Were set to false but it doesn't solve anything. Any thoughts ?
Thanks,
arthurdouillard
on 2 Feb 2018
@Mougatine try clearing all local data for that domain - cookies, localstorage, indexeddb, etc
erquhart
on 2 Feb 2018
Also, since your issue isn't happening only when the flag is set to true, it's probably unrelated. Going to close this since it applies to an experimental browser feature, but please open a separate issue or reach out in Gitter if the problem persists.
erquhart
on 2 Feb 2018
Related issues
chriskirknielsen
路
3Comments
Narno
路
3Comments
kalwalt
路
3Comments
calavera
路
3Comments
andresalerno
路
3Comments
Most helpful comment
Also, since your issue isn't happening only when the flag is set to true, it's probably unrelated. Going to close this since it applies to an experimental browser feature, but please open a separate issue or reach out in Gitter if the problem persists.