anaconda / anaconda-client

Anaconda Server Client
https://anaconda.org
BSD 3-Clause "New" or "Revised" License
146 stars 240 forks

Signup Timeout and Security Issues on Anaconda.org Urgent: Address Signup Failure, Outdated Libraries, and Sandbox Warnings Anaconda.org Signup Broken Due to Timeout, Requires Updates #699

Closed KillshotELOx closed 3 weeks ago

KillshotELOx commented 10 months ago

Screenshot 2024-01-05 102433

JQMIGRATE: Migrate is installed with logging active, version 1.4.1
airgap.js:9 An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
    y @ airgap.js:9
bundle.js:6 [Deprecation] Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
    add @ bundle.js:6
bundle.js:5 JQMIGRATE: jQuery.fn.load() is deprecated
    i @ bundle.js:5
bundle.js:5 console.trace
    i @ bundle.js:5
ui.js:31 Transcend Tracking consent auto-prompt suppressed due to supported privacy signals: Do-Not-Track

See https://docs.transcend.io/docs/consent/configuration/configuring-the-ui#user-privacy-signal-integration for more information.
    i @ ui.js:31
airgap.js:9 An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
    y @ airgap.js:9
    (anonymous) @ airgap.js:9
    Fe @ airgap.js:9
    Kt @ airgap.js:9
    Tv.e.appendChild @ airgap.js:9
    (anonymous) @ recaptcha__en.js:539
    lA.bottomright.bottom.render @ recaptcha__en.js:1159
    (anonymous) @ recaptcha__en.js:727
    (anonymous) @ recaptcha__en.js:728
register:1 Uncaught (in promise) Timeout
    setTimeout (async)
    (anonymous) @ recaptcha__en.js:731
    (anonymous) @ recaptcha__en.js:524
    (anonymous) @ recaptcha__en.js:524
    (anonymous) @ recaptcha__en.js:727
    (anonymous) @ recaptcha__en.js:728

  1. JQMIGRATE: Migrate is installed with logging active:

This message usually indicates the use of an older jQuery library version. It's likely not causing the signup issue directly, but it's worth updating jQuery for compatibility and performance.

  2. airgap.js:9 Sandbox warnings:

These warnings suggest potential security vulnerabilities in how iframes are handled. While not directly related to signup, it's important to inform Anaconda.org about these for security reasons.

  3. bundle.js:6 Deprecated DOM Mutation Event:

This warning indicates outdated code practices, but it's unlikely to be the root cause of the signup issue.

  4. ui.js:31 Transcend Tracking consent auto-prompt suppressed:

This message is informational and not an error. It means the tracking consent prompt was automatically disabled due to your browser's "Do-Not-Track" setting.

  5. register:1 Uncaught (in promise) Timeout:

This is the most likely culprit for the signup problem. It suggests a timeout occurred, possibly due to network issues, server delays, or problems with the reCAPTCHA verification.

Update jQuery: If you have control over the website's code, update jQuery to the latest version to address the migration warnings.

Report Sandbox Warnings: Inform Anaconda.org about the sandbox warnings to ensure website security.
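The airgap.js warning in the console log is the browser flagging the sandbox token combination allow-scripts plus allow-same-origin, which (for a same-origin framed document) lets framed script strip the sandbox attribute from the parent. The following is an added example, not code from the anaconda-client project or from the reporter, showing how a site owner could audit the iframes on a page for that combination. The frame list and the example hosts in it are constructed; the function names are hypothetical.

```javascript
// Added example: defender-side audit of iframe sandbox attributes.
// Not part of anaconda-client or anaconda.org; frame data below is constructed.

// The sandbox attribute is a whitespace-separated, case-insensitive token list.
// Returns null when the attribute is absent (no sandbox at all), else a Set of tokens.
function parseSandboxTokens(value) {
  if (value === null || value === undefined) return null;
  return new Set(
    String(value)
      .trim()
      .split(/\s+/)
      .filter((t) => t.length > 0)
      .map((t) => t.toLowerCase())
  );
}

// Classify one sandbox attribute value. Returns { level, reason } so callers can
// log it or assert on it.
function auditSandboxValue(value) {
  const tokens = parseSandboxTokens(value);
  if (tokens === null) {
    return { level: 'warn', reason: 'no sandbox attribute: framed content is fully trusted' };
  }
  if (tokens.has('allow-scripts') && tokens.has('allow-same-origin')) {
    return {
      level: 'high',
      reason:
        'allow-scripts + allow-same-origin: a same-origin framed document can remove ' +
        'the sandbox attribute, so the sandbox is not enforceable (this is the airgap.js warning)',
    };
  }
  if (tokens.has('allow-scripts') && tokens.has('allow-top-navigation')) {
    return { level: 'medium', reason: 'framed script may navigate the top-level page' };
  }
  // An empty attribute (sandbox="") is the most restrictive setting and lands here.
  return { level: 'ok', reason: 'sandbox tokens look restrictive' };
}

// Audit a list of { src, sandbox } descriptors, the shape you would collect from
// document.querySelectorAll('iframe') in a browser.
function auditFrames(frames) {
  return frames.map((f) => ({ src: f.src, ...auditSandboxValue(f.sandbox) }));
}

// Browser entry point; guarded so the module also loads under Node for the offline demo.
function auditDocumentFrames() {
  if (typeof document === 'undefined') return [];
  return auditFrames(
    Array.from(document.querySelectorAll('iframe')).map((el) => ({
      src: el.getAttribute('src') || '(no src)',
      sandbox: el.hasAttribute('sandbox') ? el.getAttribute('sandbox') : null,
    }))
  );
}

// Constructed sample frames (hypothetical hosts, not taken from anaconda.org markup):
// a consent widget with the risky pair, a captcha widget with a restrictive sandbox,
// and a frame with no sandbox attribute at all.
const SAMPLE_FRAMES = [
  { src: 'https://consent.example/ui', sandbox: 'allow-scripts allow-same-origin' },
  { src: 'https://captcha.example/widget', sandbox: 'allow-scripts allow-forms' },
  { src: 'https://banner.example/ad', sandbox: null },
];

// Stand-alone demo: print one finding per frame.
if (typeof require !== 'undefined' && typeof module !== 'undefined' && require.main === module) {
  for (const finding of auditFrames(SAMPLE_FRAMES)) {
    console.log(`${finding.level.padEnd(6)} ${finding.src}: ${finding.reason}`);
  }
}
```

In a browser, pasting the block into the devtools console and calling auditDocumentFrames() lists every iframe on the page with its classification; a "high" finding on a frame you control is fixed by dropping one of the two tokens, typically allow-same-origin, unless the framed document genuinely needs the parent's origin.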

mattkram commented 3 weeks ago

Hi @KillshotELOx,

Thanks for reporting this potential vulnerability to us! We will pass this report along internally for review and remediation. Thanks again, we appreciate your work and your report!

Anaconda User Care