New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 686350 link

Starred by 2 users

Issue metadata

Status: Archived
Owner: ----
Closed: Apr 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Compat



Sign in to add a comment

Can't buy Bits on Twitch TV

Reported by khym.cha...@gmail.com, Jan 28 2017

Issue description

UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36

Example URL:
https://www.twitch.tv/

Steps to reproduce the problem:
1. Find a live stream on Twitch.tv (while logged into Twitch)
2. Find the text-area at the bottom of the chat area.
3. Click on the triangular gem-icon to the left of the smiley icon in the text-area (not all live streams will have the gem-icon, you might need search around a bit to find one with it enabled)
4. Click the "Get Bits" button.
5. Click any of the dollar amounts buttons.

What is the expected behavior?
The new window which pops up will properly render the stuff to buy Bits.

What went wrong?
The new window is empty, and the JavaScript console shows a number of errors (console log attached).

Does it occur on multiple sites: No

Is it a problem with a plugin? No 

Did this work before? N/A 

Does this work in other browsers? Yes

Chrome version: 56.0.2924.76  Channel: stable
OS Version: Fedora 25
Flash Version: Shockwave Flash 24.0 r0

1) Works fine in Firefox 50.1.0

2) Not fixed by doing shift-Ctrl-R on either the Twitch.tv tab or the new Bits window.

3) Not fixed by using a brand new user profile.

4) *IS* fixed by restarting Chrome with all experiments turned off (though you might have to do ctrl-shift-R in the new window to get it to work).  I haven't narrowed down exactly which experiment, so here's the command line and variants from about:version

/opt/google/chrome/google-chrome --enable-crash-reporter --password-store=kwallet --flag-switches-begin --allow-insecure-localhost --enable-browser-task-scheduler --data-reduction-proxy-lo-fi=disabled --disable-device-discovery-notifications --disable-new-bookmark-apps --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false --disable-distance-field-text --enable-app-window-controls --enable-clear-browsing-data-counters --enable-default-media-session --enable-devtools-experiments --enable-display-list-2d-canvas --enable-google-branded-context-menu --enable-gpu-rasterization --enable-grouped-history --enable-input-ime-api --new-profile-management --enable-offline-auto-reload-visible-only --enable-offline-auto-reload --disable-password-generation --enable-permissions-blacklist --disable-push-api-background-mode --enable-quic --disable-settings-window --use-simple-cache-backend=on --enable-single-click-autofill --enable-site-engagement-service --enable-spelling-feedback-field-trial --enable-suggestions-with-substring-match --enable-tab-audio-muting --enable-tcp-fastopen --enable-webrtc-stun-origin --enable-zero-copy --enable-experimental-extension-apis --extensions-on-chrome-urls --gpu-rasterization-msaa-sample-count=2 --ignore-gpu-blacklist --enable-lcd-text --num-raster-threads=4 --disable-overlay-scrollbar --security-chip-animation=animate-all --security-chip=show-all --show-saved-copy=primary --ssl-version-max=tls1.2 --supervised-user-safesites=disabled --touch-events=disabled --v8-cache-options=code --v8-cache-strategies-for-cache-storage=normal --v8-pac-mojo-out-of-process --enable-features=DisplayPersistenceToggleInPermissionPrompts,FeaturePolicy,FontCacheScaling,FramebustingNeedsSameOriginOrUserGesture,NewAudioRenderingMixingStrategy,OptimizeLoadingIPCForSmallResources,OriginTrials,PointerEventV1SpecCapturing,SafeSearchUrlReporting,ScrollAnchoring,SpeculativeLaunchServiceWorker,StaleWhileRevalidate2,TranslateUI2016Q2,WebRTC-H264WithOpenH264FFmpeg,brotli-encoding,enable-password-force-saving,password-import-export,token-binding --disable-features=AsmJsToWebAssembly,GamepadExtensions,GenericSensor,MaterialDesignSettings,PointerEvent,SharedArrayBuffer,V8Ignition,WebAssembly,enable-automatic-password-saving --flag-switches-end

d0bd833b-85fb2903
f2d919bf-85fb2903
68ebfce2-ca7d8d80
90757ebb-3f4a17df
3095aa95-3f4a17df
8364a5c2-ca7d8d80
7c1bc906-f55a7974
2a33b90e-d411cf1
ba3f87da-a2598ccd
31362330-ca7d8d80
9e201a2b-ca7d8d80
5274eb09-3f4a17df
684d1cdf-51126808
1d3ad72e-789e7dfb
9e5c75f1-c16ec2e6
6b121ae7-ca7d8d80
f79cb77b-c0c80ea8
b7786474-d93a0620
23a898eb-ca7d8d80
74df3f1-803f8fc4
7382e39a-ef01e3f3
4ea303a6-85fb2903
fe9bec35-186f5907
9736de91-ca7d8d80
867c4c68-3f4a17df
b2f0086-93053e47
7fc902e8-f23d1dea
3ac60855-486e2a9c
f296190c-a5822863
4442aae2-e1cc0f14
ed1d377-e1cc0f14
75f0f0a0-4ad60575
e2b18481-4c073154
e7e71889-e1cc0f14
828a5926-ca7d8d80
 
twitch-bits.log
1.8 KB View Download
Labels: Needs-Triage-M56
Labels: Prestable-56.0.2924.76
Small correction: just go to https://www.twitch.tv/splattercatgaming (or any streamer who uses Bits), as the Bits icon is there even if no-one is streaming.
Cc: krajshree@chromium.org
Components: UI>Browser
Labels: Needs-Feedback
Unable to reproduce the issue on Ubuntu 14.04 using chrome reported version #56.0.2924.76 but when tested using latest dev #57.0.2987.13 got the result as in the screencast.

Attached a screen cast for your reference.

Following are the steps followed to reproduce the issue.
------------
1. Navigated to URL: https://www.twitch.tv/splattercatgaming
2. Logged into the site.
3. Clicked on the triangular gem-icon to the left of the smiley icon in the text-area.
4. Clicked on the "Buy" button.
5. Clicked on an amount.
6. A new window popped up with an error symbol.

Reporter@ - Could you please verify the screen cast and please let us know if it is the issue.

Thanks...!!
686350.ogv
15.1 MB Download
It's not *quite* the same:

1) For me, the new window was a completely blank white, rather than saying what resource had failed to load.

2) Squinting at the cast, it looks like the URLs it refers to involve https://web-cdn.[something].net/, which is different than the URLs in the twitch-bits.log I attached.

3) The security exceptions in the cast are worded differently than the when I get the problem, and there's more of them in the cast.

===========================================

"Unable to reproduce the issue on Ubuntu 14.04 using chrome reported version #56.0.2924.76"

Did you try starting version 56.0.2924.76 with the exact set of command line switches that I quoted?
Project Member

Comment 6 by sheriffbot@chromium.org, Feb 7 2017

Labels: -Needs-Feedback Needs-Review
Owner: krajshree@chromium.org
Thank you for providing more feedback. Adding requester "krajshree@chromium.org" for another review and adding "Needs-Review" label for tracking.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Labels: -Needs-Review
Owner: ----
khym.chanur@ - Could you please check this issue on latest stable #56.0.2924.87 and please let us know if the issue still persist.

Thanks...!!
Still not working, even after doing Shift-Ctrl-R on both the main Twitch page and on the new window.  Still giving these JavaScript errors:

twitch.amazon.com/js/source.min.js:1 Uncaught ReferenceError: $ is not defined
twitch.amazon.com/js/source.min.js:1 Unsafe JavaScript attempt to initiate navigation for frame with URL 'https://www.twitch.tv/products/bits/B017L2UX4C' from frame with URL 'https://twitch.amazon.com/checkout/summary?embed=true&asin=B017L2UX4C&tuid=127496115'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/features/5851021045661696.

redirect @ twitch.amazon.com/js/source.min.js:1
twitch.amazon.com/js/source.min.js:1 Uncaught SecurityError: Failed to set the 'href' property on 'Location': The current window does not have permission to navigate the target frame to 'https://www.amazon.com/ap/signin?clientContext=179-0605610-5423860&openid.r…25252Fbits%25252FB017L2UX4C%2Csignature%3DXusWdwPj2FEcg410rYbf3yvgUgeZIj3D'.

Cc: kkaluri@chromium.org
Labels: Needs-Feedback
Unable to reproduce this issue on Ubuntu 14.04 with chrome Version #56.0.2924.87
Tried to reproduce the scenario with and without flags which are mentioned in comment #0.

In both scenarios, observed that after clicking on the buy button it is redirecting to the amazon site.

Attaching the screen-cast for reference, could you please re-try the scenario in clean profile with no apps and extensions and let us know your observations
Issue 686350 - Without Flags.mp4
2.5 MB View Download
Issue 686350 - With Flags.mp4
6.9 MB View Download
Trying with a clean profile, ver 56.0.2924.87, with no extensions or apps, but *with* experiments results in the problem going away.
I think the problem is with the experiment "Framebusting requires same-origin or a user gesture: Don't permit an iframe to navigate the top level browsing context unless they are same-origin or the iframe is processing a user gesture" (chrome://flags/#enable-framebusting-needs-sameorigin-or-usergesture).

Turning this experiment on causes the problem, and turning it off removes the problem.
Labels: -Needs-Feedback
Thank you for providing feedback. removing "Needs-Feedback" label.
Cc: rbasuvula@chromium.org
Labels: Needs-Feedback
Thanks for inputs given in comment #11 and tested with experiment flag "framebusting-needs-sameorigin-or-usergesture"
Tested in chrome # 56.0.2924.87 and Canary #59.0.3035.0 on Ubuntu 14.04 and not able to reproduce the issue.Please find the screen Cast for your reference.

@ khym.chanur: Could you please let me know if i have missed anything and if possible, provide us with a experiment flags of the issue which would help us to triage the issue further.

Thanks in Advance.
686350.ogv
6.4 MB View Download
You did it exactly like I did.  I tested again with a fresh ~/.config/google-chrome-unstable for ver 58.0.3029.6 and see the same bug.  about:version shows the following:


Google Chrome	58.0.3029.6 (Official Build) dev (64-bit)
Revision	610f4595f8ea01904e3d01506c41201a816dc338-refs/branch-heads/3029@{#35}
OS	Linux
JavaScript	V8 5.8.283.5
Flash	25.0.0.127 /home/matt/.config/google-chrome-unstable/PepperFlash/25.0.0.127/libpepflashplayer.so
User Agent	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.6 Safari/537.36
Command Line	./unst --user-data-dir=/home/matt/.config/google-chrome-unstable --user-data-dir=/home/matt/.config/google-chrome-unstable --flag-switches-begin --enable-features=FramebustingNeedsSameOriginOrUserGesture --flag-switches-end
Executable Path	/opt/google/chrome-unstable/google-chrome-unstable
Profile Path	/home/matt/.config/google-chrome-unstable/Default
Variations	16e0dd70-3f4a17df
a444064c-1410f10
da89714-4ad60575
241fff6c-c037dd1c
1e528f0f-3b7f37f3
ca05d627-3f4a17df
7c1bc906-f55a7974
2a33b90e-2845784c
cf558fa6-48a16532
5ca89f9-f23d1dea
f3499283-720b026c
31362330-ca7d8d80
349d561b-3d47f4f4
2d2fd3f5-2d2fd3f5
9e201a2b-3f4a17df
5274eb09-3f4a17df
57f575bb-3f4a17df
858ecb94-f23d1dea
bcc907f7-3f4a17df
949c6e63-f23d1dea
b684f56f-3d47f4f4
b791c1b8-f23d1dea
9773d3bd-1410f10
b22b3d54-f23d1dea
2e109477-ca7d8d80
99144bc3-4da47e09
9e5c75f1-f19f2dd
f79cb77b-3f4a17df
27219e67-ca7d8d80
23a898eb-3f4a17df
d39326b0-3f4a17df
62d3c5a9-f23d1dea
4ea303a6-c0f9e99a
3a007b7-47d255e3
64224f74-1410f10
de03e059-e65e20f2
d2247fcb-299e2640
69bf80fa-91c810ef
2697ea25-ca7d8d80
b2f0086-3d47f4f4
7fc902e8-f23d1dea
d747916f-f23d1dea
494d8760-3f4a17df
3ac60855-486e2a9c
f296190c-9eabb163
4442aae2-a90023b1
ed1d377-e1cc0f14
75f0f0a0-6bdfffe7
e2b18481-75cb33fc
e7e71889-4ad60575
89b3132e-720b026c
644b8345-726d8ace
61b920c1-40a57c04
828a5926-ca7d8d80
Project Member

Comment 15 by sheriffbot@chromium.org, Mar 9 2017

Labels: -Needs-Feedback
Thank you for providing more feedback. Adding requester "rbasuvula@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Cc: hdodda@chromium.org
Unable to reproduce the issue on ubuntu 14.04 using All latest chrome channels , stable ,beta , dev and canary from TE END .

@COuld anyone from browser team , please look into this.

Thanks!
Labels: Needs-Feedback
With ver 58.0.3029.81 (stable) I'm unable to reproduce, even with the framebusting experiment enabled.
Project Member

Comment 19 by sheriffbot@chromium.org, Apr 24 2017

Cc: ranjitkan@chromium.org
Labels: -Needs-Feedback
Thank you for providing more feedback. Adding requester "ranjitkan@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Project Member

Comment 20 by sheriffbot@chromium.org, Apr 25 2018

Status: Archived (was: Unconfirmed)
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment