search

mozilla / multi-account-containers

Firefox Multi-Account Containers lets you keep parts of your online life separated into color-coded tabs that preserve your privacy. Cookies are separated by container, allowing you to use the web with multiple identities or accounts simultaneously.
https://addons.mozilla.org/firefox/addon/multi-account-containers/
Mozilla Public License 2.0
2.73k stars 343 forks source link

MAC breaks redirects to Polish bank site #1503

Open TrueAccelerator opened 5 years ago

TrueAccelerator commented 5 years ago

-->

! Amazon.co.uk 1.1 true amazon@search.mozilla.org Bing 1.0 true bing@search.mozilla.org Chambers (UK) 1.0 true chambers-en-GB@search.mozilla.org Decentraleyes 2.0.12 true jid1-BoFifL9Vbdl2zQ@jetpack DuckDuckGo 1.0 true ddg@search.mozilla.org eBay 1.0 true ebay@search.mozilla.org Enhancer for YouTube™ 2.0.98.2 true enhancerforyoutube@maximerf.addons.mozilla.org Foxy Gestures 1.2.4 true {e839c3f9-298e-4cd0-99e0-464431cb7c34} Google 1.0 true google@search.mozilla.org Imgur Album Downloader 0.2.1 true imguralbumdownloader@julian-fietkau.de LastPass: Free Password Manager 4.33.4.2 true support@lastpass.com Reddit Enhancement Suite 5.16.10 true jid1-xUfzOsOFlzSOXg@jetpack Session Sync 3.1.12 true session-sync@gabrielivanica.com Stylus 1.5.6 true {7a7a4a92-a2a0-41d1-9fd7-1e92480d612d} Tampermonkey 4.9.5941 true firefox@tampermonkey.net Tree Style Tab 3.1.8 true treestyletab@piro.sakura.ne.jp Twitter 1.0 true twitter@search.mozilla.org uBlock Origin 1.22.2 true uBlock0@raymondhill.net Wikipedia (en) 1.0 true wikipedia@search.mozilla.org Firefox Multi-Account Containers 6.1.0 false @testpilot-containers Tree Tabs 1.9.3 false TreeTabs@jagiello.it YouTube Plus 1.9.6 false particle@particlecore.github.io

Actual behavior

While MAC is enabled various redirects to Polish bank site ipko.pl cause errors to appear. Example error message: Błąd działania aplikacji. Wystąpił błąd aplikacji - szczegółowy opis jest niedostępny. (Application error. Detailed application error description is unavaiable). Other error messages might appear depending on the site that redirects to ipko. So far I have encountered the issue with all kinds of 3rd party payment processing services such as PayU as well as certain government sites.

Expected behavior

Bank site works as intended and shows login page.

Steps to reproduce

  1. Visit a site that contains redirects. For example https://pz.gov.pl/dt/login/login?ssot=hpyaglh2jg4l5qbq6knz
  2. Choose iPKO Bank Polski (iPKO Polish Bank)
  3. The aforementioned "błąd działania aplikacji. Wystąpił błąd aplikacji - szczegółowy opis jest niedostępny. (Application error. Detailed application error description is unavaiable)" error message will appear instead of the login page. The redirect works fine with MAC disabled.
grahamperrin commented 3 years ago

Is this issue reproducible?

  1. Choose iPKO Bank Polski (iPKO Polish Bank)

I do not see iPKO Bank Polski.

TrueAccelerator commented 3 years ago

the option to select it appears when choosing "log in". Since this is a government site, login should be authorised by additional means - one may choose his/her bank to confirm the identity. I forgot about this issue, I cannot currently confirm whether it is still there or has been fixed meanwhile.

grahamperrin commented 3 years ago

the option to select it appears when choosing "log in" …

  1. https://pz.gov.pl/dt/index
  2. click Zaloguj się = https://pz.gov.pl/pz/pages/userIndex
  3. reach a URL such as https://pz.gov.pl/dt/login/login?urlt=⋯ (⋯ = obscured part of the URL)
  4. right hand column, top left, the iPKO Bank Polski icon = https://pz.gov.pl/dt/login/login?urlt=⋯#
  5. apparent redirect to https://login.gov.pl/login/login
  6. apparent redirect to https://login.gov.pl/login/SingleSignOnService
  7. apparent redirect to https://www.ipko.pl/secure/ikd3/bank_node.html

If pz.gov.pl or www.ipko.pl is set to always open in a container, try undoing the setting.

Alternatively, try setting all three sites – pz.gov.pl login.gov.pl www.ipko.pl – to always open in the same container.