Closed karlht closed 7 years ago
From @hoosteeno via e-mail:
User Agent: IE 9, IE 10 with DEFAULT privacy settings ("Medium")
Steps to reproduce: 1) Visit Mozillians.org and click signin 2) Use an email address at mozilla.com; proceed through Persona authentication
Expected: Identity verified, signed in to site
Actual: Returned to Persona email address input with a message: "Mozillians.org uses Persona instead of usernames to sign you in."
Workaround: Change privacy settings to "Accept All Cookies" (and perhaps other settings more permissive than "Medium" -- this is untested)
BrowserId dealt with this issue as well:
Should port these into Vinz Clortho...
Is this an issue with the identity bridges, or are we safe thanks to *.login.persona.org being a subdomain of login.persona.org?
This is not an issue with bigtent and sideshow (yahoo and google) on IE{8,9,10}. In fact, the p3p change wasn't necessary for bigtent with those versions of IE.
Great, thanks jrgm!
So this was an open issue - https://github.com/mozilla/vinz-clortho/issues/88. But really, IE all versions not working should have blocked turning this on.
I initially typoed the above and have now corrected.
@mostlygeek rather than just copy-paste code across repos, maybe I can publish that p3p library on npm and you guys can use the code that way
@6a68 sure. when it's ready I'll push out a new deploy version.
Usage of bigint was removed (by me) from the lockdown settings. This needs to be put back in otherwise jwcrypto falls back to using javascript instead of the native C libraries. A massive speed hit.
See: https://github.com/mozilla/vinz-clortho/commit/794c302c828a5760efc0057df1f8bf9dc1901703#L0L34
IRC log here: http://irclog.gr/#show/irc.mozilla.org/identity/302524
Basically, IE9/IE10 aren't permitting login through MozIdP except if you turn 'Internet Security' settings down to 'low.' As Jared says, if the P3P headers are correct, we should work fine with the default settings.
@6a68, @mostlygeek: If I've gotten some of this wrong, please feel free to comment/edit the bug.