leaky-forms / leak-inspector

LeakInspector: an add-on that warns and protects against personal data exfiltration

Login on Websites #6

Closed carlostkd closed 2 years ago

carlostkd commented 2 years ago

Hi, I have installed and tested the extension, and I have realized that on some websites where I have an account, with this extension enabled I can't log in: it always returns "username or password wrong". When I disable the extension, I can log in again with the same credentials.

asumansenol commented 2 years ago

Can you provide the URL of the login page so we can check the case?

asumansenol commented 2 years ago

Thanks for your interest! Some of the third parties blocked by the add-on can cause this problem. When you disable blocking all the third parties, the issue will be solved. In this case, only the leaky requests to tracker domains will be blocked.

carlostkd commented 2 years ago

Hi, thanks for your reply. For security reasons I can't provide the URL. I have tested with the 3rd parties disabled and the problem persists. If I can help with some data extracted from the inspector or even from Burp Suite, just let me know. By the way, this website does not sniff; at least the add-on shows nothing.

carlostkd commented 2 years ago

OK, I found a website where you can replicate this error: instagram.com. From Inspect Element I get this:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://graph.instagram.com/logging_client_events. (Reason: CORS request did not succeed). Status code: (null).

gunesacar commented 2 years ago

Thanks for the report @carlostkd

I cannot figure out how the add-on can cause a CORS error. Does this error only appear when you have LeakInspector enabled?

If so, could you provide the reproduction instructions? I tried the login/signin page, but couldn't trigger this error message.

carlostkd commented 2 years ago

Hi, I was working deep on this and could not understand why you can't reproduce that. I have tried 3 different web browsers and the error always occurs. Then I switched to another network environment and ... nothing happens, it works! :) After that I took a deep look at the network devices and router settings, and finally I spotted that the DNS (/etc/resolv.conf) was the culprit. Sorry for that, but I never spotted DNS errors before, so it was more logical for me to associate the error with a recent new extension.

Cheers

gunesacar commented 2 years ago

No worries, @carlostkd. It's normal that you associated it with the extension. Thanks for the clarification...