search

ghostery / broken-page-reports

8 stars 4 forks source link

leireg.de #160

Open GRadziejewski opened 1 year ago

GRadziejewski commented 1 year ago

Description Cookie pop-up is visible when Ghostery Browser Extension is installed and turned ON.

Steps to Reproduce

  1. Open https://leireg.de
  2. Wait for cookie pop-up leireg deen_Chrome_GBE_ON

Expected Results: Cookie pop-up should not be visible.

Versions Browser: Firefox 108.0b7 OS: Windows 10 Pro 19044.2006 GBE 8.9.7

Browser: Chrome 107.0.5304.107 OS: Windows 10 Pro 19044.2006 GBE 8.9.6

GRadziejewski commented 1 year ago

Cookie pop-up is hidden by Ad-Blocking, way before Never-Consent could be triggered. But after turns off Ad-Blocking, Never-Consent is still not triggered.

Firefox_1 Firefox_2

Checked on: Browser: Firefox 114.0 OS: Windows 10 Pro 19045.2965 GBE 8.10.03

Browser: Chrome 114.0.5735.91 OS: Windows 10 Pro 19045.2965 GBE 8.10.3

Browser: Opera 99.0.4788.65 OS: Windows 10 Pro 19045.2965 GBE 8.10.3

Browser: Edge 114.0.1823.37 OS: Windows 10 Pro 19045.2965 GBE 8.10.3

On Safari, cookie pop-up is hidden by Never-Consent, but Never-Consent is not triggered at all, pop-up from it do not appears.

Browser: Safari 16.3 (18614.4.6.1.6) OS: MacOS Ventura 13.2.1 GBE 10.0.10

GRadziejewski commented 9 months ago

Problem still occurs. Never-Consent is not triggered and cookie pop-up is still visible.

Checked on:

Browser: Firefox 120.0
OS: Windows 10 Pro 
GBE 8.12.5

Browser: Chrome 120.0.6099.71
OS: Windows 10 Pro 
GBE 8.12.4

Browser: Safari 17.2 (19617.1.17.11.9)
OS: MacOS Ventura 14.2
GBE 10.2.6
seia-soto commented 9 months ago

Never consent can be enabled on this site with the following methods but there're pros and cons in each options:

a) Automatically set consent cookies by using technical essential option

This method creates a trackable identifier in cookie value. Currently, adblockers don't support setting cookies with random methods. Also, the use of scriptlet will slow the site load speed down.

Technical details By analyzing the site source code, the cookie signature matches the following: - `https://www.leireg.de/_assets/f474f8bbcdf18f65d8755d5e5edb7bde/js/cc.js` ```js const randomId = '0' // Looks like format or value doesn't matter (/[\da-f]{16}/) const allowTechnicalCookiesOnly = true const example = `${Math.floor(Date.now() / 1000)}-${randomId}-1${allowTechnicalCookiesOnly ? '0' : '1'} ```

b) Just never consent

I cannot see the site breakage with following rule but real user may experience breakage.

leireg.de##div#cc
GRadziejewski commented 1 month ago

The cookie popup is partially hidden.

image

Checked on:

Browser: Chrome 127.0.6533.100
OS: Windows 10
GBE 10.4.1

Browser: Firefox 129.0
OS: Windows 10
GBE 8.12.13

Browser: Safari 17.6
OS: macOS 14.6.1
GBE 10.4.1