register.k1speed.com - Waiver not rendered, unable to finish registration

webcompat / web-bugs

A place to report bugs on websites.

https://webcompat.com

Mozilla Public License 2.0

742 stars 65 forks source link

register.k1speed.com - Waiver not rendered, unable to finish registration #132238

Open webcompat-bot opened 9 months ago

webcompat-bot commented 9 months ago

URL: https://register.k1speed.com/tor/waiver

Browser / Version: Firefox Mobile 121.0 Operating System: Android 14 Tested Another Browser: Yes Chrome

Problem type: Site is not usable Description: Buttons or links not working Steps to Reproduce: Affected browsers. Firefox fennec mobile (f droid) 121.0 build id 20231221193920 and Firefox focus 120.0.1 build id 20240108143603 mobile (Google play) Works on chrome: 120.0.6099.210 (Official Build) (64-bit)

Pre requisites. Your name and address does not have a waiver associated, but you can click create a new customer as a wordaround

Navigate to https://register.k1speed.com/tor
Enter your information
Enter signed waiver
Attempt to click "I agree and confirm that I read the waiver"

The check box does not work even if you sign the field. I also noticed the waiver legalise is not rendered either. The signed up works on chrome

View the screenshot

Browser Configuration

None

From webcompat.com with ❤️

sv-calin commented 9 months ago

Thank you for reporting this issue, I was able to reproduce it. The waiver must be scrolled in order to be able to check the box "I agree and confirm that I have read the waiver" and proceed with the registration.

Chrome:

Firefox:

Tested on: • Browser / Version: Firefox Nightly 123.0a1-20240114211039 / Firefox Release 121.0.1-20240108143603 / Chrome 120.0.6099.43 • Operating System: Google Pixel 5 (Android 14) - 1080 x 2340 pixels, 19.5:9 ratio (~432 ppi density)

Notes:

Reproducible on both Firefox Release and Nightly regardless of the ETP status
Not reproducible on Chrome

Moving to Needsdiagnosis.

[qa_03/2024]

hungrymonkey commented 9 months ago

Screenshot from 2024-01-20 03-28-50

Cross-Origin Request Warning: The Same Origin Policy will disallow reading the remote resource at https://api.fikable.com/public/tor/process.api/customers/login soon. (Reason: When the `Access-Control-Allow-Headers` is `*`, the `Authorization` header is not covered. To include the `Authorization` header, it must be explicitly listed in CORS header `Access-Control-Allow-Headers`). 
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Seems like a cors issue.

hungrymonkey commented 9 months ago

flatpak info org.kde.angelfish

Angelfish Web Browser - Webbrowser for mobile devices

      ID: org.kde.angelfish
     Ref: app/org.kde.angelfish/x86_64/stable
    Arch: x86_64
  Branch: stable
 Version: 23.08.4
 License: GPL-2.0-or-later
  Origin: flathub

Collection: org.flathub.Stable Installation: system Installed: 190.9 MB Runtime: org.kde.Platform/x86_64/5.15-23.08 Sdk: org.kde.Sdk/x86_64/5.15-23.08

  Commit: 8d9e548561a1b6e4cf50857fedf0875837263d0a0c05382b5d5e820f7d308bb5
  Parent: c52ea6b83bb03e0b99f845bb28276a94debf09598880ee60f3278ded2068b393
 Subject: Update angelfish-23.08.3.tar.xz to 23.08.4 (c1fef1a5)
    Date: 2023-12-08 00:36:39 +0000