Web-bugs: mip.moe.gov.sa - "Captcha" image is not displayed

Created on 7 Mar 2020  路  4Comments  路  Source: webcompat/web-bugs





URL: https://mip.moe.gov.sa/noor/account/signin?ReturnUrl=/noor/issue/wsfed?wtrealm=https%3A%2F%2Ffg.moe.gov.sa%2F&wctx=WsFedOwinState%3DaR-2GIA1jOKYArdjs37UnG-Rtdz7dOJmN3Q45bGTHNfRYJ01T6Y0hoABoOzeMM2d8wup0BRjn4klzovQFm-fOMtUdGArukfFbBdo9gsm-SH62R4qxjvI6iFK-MvsS3VOeu1l8Bq6FxmQ-vctGqIGXw&wa=wsignin1.0

Browser / Version: Firefox Mobile 75.0
Operating System: Android
Tested Another Browser: Yes

Problem type: Something else
Description: Captcha not showing
Steps to Reproduce:


Browser Configuration

  • None

_From webcompat.com with 鉂わ笍_

browser-fenix engine-gecko priority-normal severity-critical type-cookie-sameSite
Source
picture webcompat-bot

Most helpful comment

I can confirm that this is not reproducible in Firefox (Fennec) and Firefox Preview stable, 3.2.1 (Build #20250350)
28.0.3, f0dc2cadd
GV: 73.0-20200123172213


And apparently the black box was caused by the img response of a HTTP request. This seems to be a regression.

picture reinhart1010 on 10 Mar 2020
👍2

All 4 comments

Thanks for the report, I was able to reproduce the issue.
image
CaptchaBroken

Note:

  1. The issue is not reproducible on Chrome and Firefox Beta.
  2. The issue is reproducible on Firefox regardless if TP is enabled or not.

Tested with:
Browser / Version: Firefox Preview Nightly 200309 (馃: 75.0a1-20200306094739), Firefox Beta 68.6b5
Operating System: Huawei P20 Lite (Android 8.0.0) - 1080 x 2280 pixels, 19:9 ratio (~432 ppi density), Samsung Galaxy S6 Edge (Android 7.0) - 1440 x 2560 pixels (~577 ppi pixel density)

Moving to Needsdiagnosis for further investigation.

softvision-oana-arbuzov picture softvision-oana-arbuzov on 9 Mar 2020

I can confirm that this is not reproducible in Firefox (Fennec) and Firefox Preview stable, 3.2.1 (Build #20250350)
28.0.3, f0dc2cadd
GV: 73.0-20200123172213


And apparently the black box was caused by the img response of a HTTP request. This seems to be a regression.

reinhart1010 picture reinhart1010 on 10 Mar 2020
👍2

This is breaking because of sameSite=lax cookie (https://bugzilla.mozilla.org/show_bug.cgi?id=1604212)

When requesting initial image (GET to https://mip.moe.gov.sa/noor/captcha/generate?t=fc8b9010644c4abbb489c292c779baee) and on all subsequent requests (POST to https://mip.moe.gov.sa/noor/captcha/refresh) certain cookies are expected, however they're not set

Looks like these are the cookies that are expected:

Screen Shot 2020-03-10 at 2 43 22 PM

The site should set SameSite=None; Secure when setting those two cookies. I'll move this to needscontact

ksy36 picture ksy36 on 10 Mar 2020
👍1

After retesting the issue I confirm that the issue has been fixed.

image

Tested with:
Browser / Version: Firefox Nightly 200825(馃 81.0a1-20200820093209)
Operating System: OnePlus6 (Android 10) - 1080 x 2280 pixels (~402 ppi pixel density)
Closing the issue as fixed.

cipriansv picture cipriansv on 27 Aug 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Ezio916 picture Ezio916  路  4Comments
tGstep picture tGstep  路  3Comments
oksas picture oksas  路  5Comments
bull500 picture bull500  路  5Comments
halwane050 picture halwane050  路  5Comments