#83 Gitlab logon broken - works after disabling JShelter shields
Opened a month ago by wiggum. Modified a month ago

Summary

When trying to logon to Gitlab as a registered user, the login page loads correctly. However after entering usr/pwd and hitting enter, the page just sits there. Disabling the JShelter shields solves the issue.

Setup

Using Mozilla Firefox v104.0.1 x64.

Pages affected: https://gitlab.com/users/sign_in
JShelter Version: 0.11.1

Popup information (open JShelter popup on affected pages:

  1. Navigate to a page that you are having trouble with: [https://gitlab.com/users/sign_in]
  2. Click on the JShelter badge icon.
  3. Is JavaScript Shield active? [ON]
  4. Is Network Boundary Shield active? [ON]
  5. Is Fingerprint Detector active? [ON]
  6. What fingerprint likelihood does Fingerprint Detector report? None
  7. Did Fingerprint Detector produce any notifications, if so, what was the notification? (see below)
  8. Click on the Modify button next to the JavaScript Shield label. Default level (recommended)
  9. What is the highlighted level button text?
  10. Click on the Detail tweaks of JS shield for this site button.
  11. What wrappers were triggered by the page, list them below:

Time precision: 20
all other wrappers have count 0

[Optional:]

OS: Win 7 x64
Browser: Mozilla Firefox v104.0.1
Other extensions that might affect JShelter behaviour:

How to reproduce

  1. [List steps to reproduce your issue ]
  2. ...
  3. ...

Expected result

Expected to be able to logon when filling out usr/pwd and hitting enter.

Actual result

When filling out usr/pwd and hitting enter, the page doesn't do anything

Reproducibility

No

Workarounds

Disabling all shields solves the issue.

Have you tried other steps to solve the issue?

No

Full report of the detection:

FingerprintingActivity

Definition of fingerprinting behavior by FPD module.
BrowserProperties

Fingerprinting methods based on simple information gathering by accessing certain APIs.
NavigatorBasic

Basic information about browser and system.
- Navigator.prototype.userAgent (17)
- Navigator.prototype.language (1)
- Navigator.prototype.platform (3)
- Navigator.prototype.product (9)
NavigatorMobile

Information about features supported by mobile devices.
- Navigator.prototype.maxTouchPoints (1)
LocalizationInfo

Localization details and keyboard layout.
- Date.prototype.getTimezoneOffset (1)
ScreenInfo

Information about screen and its properties.
- Screen.prototype.height (2)
- Screen.prototype.width (2)
- Screen.prototype.colorDepth (1)
- Screen.prototype.availWidth (1)
WindowInfo

Information about screen from root Window object.
- window.devicePixelRatio (1)
- window.innerWidth (4)
StorageInfo

Availability of WebStorage technology.
- window.localStorage (15)
- window.sessionStorage (1)
- window.indexedDB (1)
NavigatorFlags

Binary browser settings.
- Navigator.prototype.doNotTrack (6)
TimeInfo

Information about exact time values.
- Performance.prototype.now (5)
- Date.now (44)
AlgorithmicMethods

Fingerprinting methods based on specific procedures, calculations or processing.
FontsEnumFingerprint

System fonts enumeration techniques.
- CanvasRenderingContext2D.prototype.font (2)
CanvasFingerprint

Extraction of rendered image from 2D canvas.
- CanvasRenderingContext2D.prototype.fillText (2)
- CanvasRenderingContext2D.prototype.fillStyle (7)
- HTMLCanvasElement.prototype.toDataURL (1)
- CanvasRenderingContext2D.prototype.getImageData (1)
WebGLFingerprint

Extraction of rendered image from WebGL canvas.
- HTMLCanvasElement.prototype.toDataURL (1)
- CanvasRenderingContext2D.prototype.getImageData (1)
CrawlFpInspector

APIs often abused for fingerprinting according to FP-Inspector study.
- Navigator.prototype.maxTouchPoints (1)
- Navigator.prototype.doNotTrack (6)
- CanvasRenderingContext2D.prototype.fillStyle (7)
- HTMLCanvasElement.prototype.toDataURL (1)
- CanvasRenderingContext2D.prototype.getImageData (1)
- CanvasRenderingContext2D.prototype.isPointInPath (1)
- CanvasRenderingContext2D.prototype.textBaseline (1)
- CanvasRenderingContext2D.prototype.globalCompositeOperation (1)
- CanvasRenderingContext2D.prototype.fillRect (1)
- CanvasRenderingContext2D.prototype.closePath (3)
- CanvasRenderingContext2D.prototype.beginPath (3)


Login to comment on this ticket.

Metadata