kkapsner / CanvasBlocker

A Firefox extension to protect from being fingerprinted.
https://canvasblocker.kkapsner.de
Mozilla Public License 2.0

Paypal can't complete payment #532

Closed MysteryIII closed 1 year ago

MysteryIII commented 3 years ago

While CanvasBlocker is activated, I'm not able to complete my payment.

Description

When buying something and you click on "buy now" a Popup will appear where you have to log in. After that you choose your preferred payment method (Credit Card, Bank Account, rates) and verify it with a click on the blue button down. At this point you will always be redirected (or simply reloaded) to the current page and can't verify the payment. Optically, it's like you're clicking on a reload button. If I now deactivate Canvas Blocker, it works normally.

Being unable to pay with Paypal is quite the problem and as deactivating the Add-On fixes it, it's clearly caused by it.

Expected Behavior

Verifying payment should work without disabling Add-On or putting site on whitelist.

Current Behavior

Verifying payment is not possible.

Steps to Reproduce (for bugs)

  1. Click on any page on "buy now" - Paypal Button
  2. Popup opening
  3. Login
  4. Choose payment method
  5. click on verify.

Context

Happened already on different pages.

Your Environment

Settings

{ "logLevel": 1, "urlSettings": [ { "url": "", "protectDOMRect": true, "fakeMinimalScreenSize": true } ], "hiddenSettings": { "audioFakeRate": false, "webGLVendor": false, "enableStackList": false }, "expandStatus": { "protectNavigator": true, "blockMode": true, "allowWindowNameInFrames": false, "protectDOMRect": true, "section_DOMRect-API": true, "protectScreen": false, "showNotifications": true, "section_History-API": true, "fakeMinimalScreenSize": true }, "displayHiddenSettings": true, "whiteList": "", "sessionWhiteList": "", "blackList": "", "blockMode": "fake", "protectedCanvasPart": "input", "minFakeSize": 10, "maxFakeSize": 0, "rng": "persistent", "protectedAPIFeatures": {}, "useCanvasCache": true, "ignoreFrequentColors": 3, "minColors": 3, "fakeAlphaChannel": false, "webGLVendor": "", "webGLRenderer": "", "webGLUnmaskedVendor": "", "webGLUnmaskedRenderer": "", "persistentRndStorage": "{}", "persistentIncognitoRndStorage": "", "storePersistentRnd": false, "persistentRndClearIntervalValue": 0, "persistentRndClearIntervalUnit": "days", "lastPersistentRndClearing": 1609234230106, "sharePersistentRndBetweenDomains": false, "askOnlyOnce": "individual", "askDenyMode": "block", "showCanvasWhileAsking": true, "showNotifications": true, "highlightPageAction": "none", "highlightBrowserAction": "color", "displayBadge": true, "storeNotificationData": false, "storeImageForInspection": false, "ignoreList": "", "ignoredAPIs": {}, "showCallingFile": false, "showCompleteCallingStack": false, "enableStackList": false, "stackList": "", "protectAudio": true, "audioFakeRate": "0.1%", "audioNoiseLevel": "minimal", "useAudioCache": true, "audioUseFixedIndices": true, "audioFixedIndices": "13", "historyLengthThreshold": 2, "protectWindow": true, "allowWindowNameInFrames": true, "protectDOMRect": true, "domRectIntegerFactor": 4, "protectTextMetrics": true, "blockDataURLs": true, "protectNavigator": false, "navigatorDetails": { "windowManager": "Windows", "platform": "Win32", "platformDetails": "Windows NT 10.0; Win64; x64", "oscpu": "{platformDetails}" }, "protectScreen": true, "screenSize": "", "fakeMinimalScreenSize": false, "displayAdvancedSettings": true, "displayDescriptions": true, "theme": "auto", "dontShowOptionsOnUpdate": false, "isStillDefault": false, "storageVersion": 1 }

crssi commented 3 years ago

Something similar happened to me a few times... when payment was in process the page was loading indefinitely, or better, the "hour" image in the middle went indefinitely, and the payment failed eventually.

I haven't had time to investigate, but I suspected the EasyPrivacy list in uBlock Origin. Are you using perhaps uBlock Origin with EasyPrivacy list?

Cheers

MysteryIII commented 3 years ago

I deactivated one Add-On after the other to pin down the problem. And as mentioned before, it was when I deactivated CanvasBlocker when it worked again. It was also the last extension to deactivate and retrying did not help until then, so there is no doubt about the culprit.

crssi commented 3 years ago

Just needed to use paypal now, and did some digging and you are right @MysteryIII

I have had success with a workaround: [image]

Cheers

kkapsner commented 3 years ago

That's a hard one to tackle... I'm not able to see a problem in the paypal sandbox. Are there any error messages in the console? (Ctrl + Shift + K)

The approach of crssi will work but may allow too much. Can one of you try to disable the protection of different APIs to see which one is the culprit?

crssi commented 3 years ago

Will pay attention to console next time I do the payment... which is not so often. 😞

spodermenpls commented 3 years ago

I'm using PayPal a lot and never had problems in conjunction with CanvasBlocker. However, someone, whom I have hooked up with CB, reported about frequent payment process issues. I have no clue what the culprit might be, since I use an identical setup (except for the addition of uMatrix on my side).

MysteryIII commented 3 years ago

I will try to report back next time. But as it happens on the "final" button once you change a big setting you can't try to define more precise to details.

I know about the black/white list, but this would only be a workaround and no fix.

What I can say is: it only appears on the "buy now" (or "pay now" (yellow background button) I'm not using English as native) button of Paypal, which opens a Popup and not with the pay button that will open Paypal in the same window or as a frame/inlay or just redirect to Paypal in the same window. On some sites I saw both buttons, on others only one. Recently I only got the "buy now" button. Don't know if it's a change by Paypal or more sites are using this mechanism.

spodermenpls commented 3 years ago

@MysteryIII That's a valuable piece of information, I never (had to) use those standalone "Donate / Pay with PayPal" buttons (at least since I've installed CB, around five years ago), this might explain why it never affected me. Recreating the transaction process (to monitor consoles etc) without actually having to trigger a real transaction is probably going to be difficult, however..

kkapsner commented 3 years ago

That's very good information. With that I was able to reproduce it on https://demo.paypal.com/de/demo/go_platform/partners/home

The "problem" is the window API protection. So you have to whitelist paypal for that API.

I would add an entry for that in the "Convenient settings".

crssi commented 3 years ago

I do not use Window API protection, since I have it covered over Firefox prefs and resistFingerprinting.

Here are my CB settings https://github.com/crssi/Firefox/blob/master/CanvasBlocker-settings.json Paypal exclusion is in there now, so to test you need to drop it out.

Will try the demo.paypal site and report back later today.

Cheers

kkapsner commented 3 years ago

Great, thanks.

crssi commented 3 years ago

I cannot reproduce on demo site. I will need to do one payment over paypal in the next week and will take an opportunity to make a live test. If you have any special instruction for me, let me know.

Cheers

kkapsner commented 3 years ago

Nothing special: try disabling different API protections for paypal.com (I think the easiest way is over the whitelist inspection) and see which one causes the problem.

spodermenpls commented 3 years ago

It just happened that I had to purchase a shipping label on dhl.de, and there such a PayPal button is in use. After pressing that button the usual pop-up window opened, I chose the payment method (Bank account or Credit Card), but then it aborted with a "Fehler.. erneut versuchen" page. Since purchasing that label was very time critical, I had no nerve to play around with whitelisting individual APIs (also to avoid a timeout or session end), and just put "paypal.com" on the whitelist altogether, which solved the issue.

Addendum: After a lot of testing (and half-way breaking CB...), and a real shipping label order, which DHL allows to cancel (and refund) right after order, I've found out that the Window API protection indeed was at fault. With my first testing row, I didn't realise that CB's information relating to the pop-up was only shown in the pop-up itself, not on the "mother window", like it was the case with opening embedded Youtube videos, on another issue in the past. Adding it to the convenience preset is therefore the right measure, however it should be noted in the FAQs too, that processing PayPal transactions which start with the "yellow badge buttons" require the Window API to be exempt from protection for paypal.com, or it won't work (in case someone doesn't use the convenience preset, but uses yellow-badge-PayPal).

kkapsner commented 3 years ago

Thanks for testing! I added a section to the FAQs - not sure if I should go more in depth.

If someone once applied the convenience preset they will not automatically receive this change. It has to be applied again. So I guess quite a lot of people will be affected by this.

spodermenpls commented 3 years ago

I would phrase the FAQ entry a little bit differently, since the PayPal button itself is unaffected:

PayPal transactions started with "Buy now" button not working!
[...] window API protection hinders the completion of all transaction processes initiated via PayPal's "Buy now" button.

kkapsner commented 3 years ago

Done. So there is nothing more to do here I think.

If @crssi sees the problem again without having the window API protection active I can reopen the issue.

crssi commented 3 years ago

I am sorry... Security shit hitting the fan over the last 10 days going around the globe prevented me from making those tests. I haven't forgotten and will report back as soon as I can.

❤️

kkapsner commented 3 years ago

No problem and no hurry.

spodermenpls commented 1 year ago

@kkapsner I've just noticed that the user login on dhl.de (now) uses a similar, separate pop-up window as PayPal does, which also requires the Window API to be excluded from being protected to be able to work. Therefore, "dhl.de" should also be included in the "Convenient preset" (I took a quick glance at foreign countries' DHL websites, user accounts and their login interfaces generally seem to be structured differently, leading to dedicated portals that don't seem to use this fancy way of pop-up login windows (yet?)).

kkapsner commented 1 year ago

That's a crappy trend with the return of popup windows... But you're right. I'll add it to the convenience preset.
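
An added example, not part of the original thread or CanvasBlocker's own code: since a previously applied convenience preset does not pick up the new exemptions, this Node.js check reads a settings export shaped like the one posted above and reports for which hosts the window API protection is still active. The sample export is constructed; the per-site `"protectWindow": false` entry, the comma-separated `whiteList`, and the host/subdomain matching rule are assumptions made for illustration.

```javascript
// Constructed sample, trimmed to the keys this check reads. The key names
// come from the export in the issue; the paypal.com entry is hypothetical.
const sampleExport = {
  whiteList: "",
  protectWindow: true,
  urlSettings: [
    { url: "", protectDOMRect: true, fakeMinimalScreenSize: true },
    { url: "paypal.com", protectWindow: false },
  ],
};

// Assumption: an entry applies to the named host and to its subdomains.
// An empty pattern (as in the posted export) is not treated as site-specific.
function entryMatches(pattern, host) {
  const p = String(pattern).trim().toLowerCase();
  if (p === "") return false;
  return host === p || host.endsWith("." + p);
}

// Effective state of the window API protection for one host.
function windowProtectionFor(settings, hostname) {
  const host = hostname.toLowerCase();
  // Assumption: whiteList is a comma-separated list of hosts. A whitelisted
  // host loses every protection, the broad workaround discussed above.
  const whitelisted = String(settings.whiteList || "")
    .split(",")
    .some((item) => entryMatches(item, host));
  if (whitelisted) {
    return { host, active: false, reason: "whitelisted (all APIs)" };
  }
  let active = settings.protectWindow === true;
  let reason = "global protectWindow";
  for (const entry of settings.urlSettings || []) {
    if (entryMatches(entry.url || "", host) &&
        typeof entry.protectWindow === "boolean") {
      active = entry.protectWindow;
      reason = `urlSettings entry "${entry.url}"`;
    }
  }
  return { host, active, reason };
}

// Hosts from the thread whose pop-up flows would still be affected.
function hostsStillProtected(settings, hosts) {
  return hosts
    .map((h) => windowProtectionFor(settings, h))
    .filter((r) => r.active)
    .map((r) => r.host);
}

console.log(hostsStillProtected(sampleExport, ["www.paypal.com", "www.dhl.de"]));
```

The `reason` field separates a narrow per-API exemption from a blanket whitelist entry, which matters when reviewing how much protection a workaround gives up.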