MozillaZine

GMX email "blank" page; Bugzilla.Mozilla Nightly discussion

User Help for Mozilla Firefox
IMB4U

User avatar
 
Posts: 44
Joined: March 3rd, 2009, 10:27 pm
Location: USA

Post Posted February 17th, 2013, 12:56 pm

NOTE: I'm not sure if this is the correct forum to place my problem in.

FIRST OFF...this may all be as simple as just me allowing a newly added script on the GMX login page (uicdn.com) to run via NoScript...BUT...I don't know for sure, so I have come here to present my problem. Plus, the "Nightly" discussion apparently thinks there is something wrong with that new script (used on Mail.com; owned by GMX). I was going to post my problem with both Mozilla and NoScript, but since Mozilla "Nightly" mentioned a problem with the that new script, I decided to come here first.

ALSO, this will most likely be "lengthy" because I wish to explain what happened to me and how I went about trying to solve the problem, so I hope you can be patient with me (I realize lengthy posts are not much fun to read).

PLEASE FEEL FREE TO "QUICKLY" PERUSE THIS LENGTHY POST SO AS TO NOT GET TOO BORED & FRUSTRATED WITH IT!

DETAILS of Problem Occurrence:
I use Hotmail as my regular email service, but I also have "several" accounts with GMX email. I sign into all my GMX accounts every couple of months just to keep them currently activated; the last time being between 1-2 months ago. On Feb. 16 (Saturday) morning at 1:00am, I informed a website to send me an eBook at one of my GMX accounts, but when I tried logging into the account, I began having trouble in that I kept getting sent to a "blank page". When I would click the back button, I would get a GMX page that showed that I was ACTUALLY LOGGED IN and asked if I wanted to return to my email page or log out! (I tried that routine a half dozen times with same user account and some other ones but with same results.) So even though GMX was showing I was logged in and allegedly located on my email page, all I could see was an entire "blank page."
......The "blank page" had a URL with SOME words in in like this:
http://www.gmx DOT com/ mcstarter / mail (a bunch of numbers here) &partnerdata=partner.anonymous
......and the above URL displayed this message:
Your login was unsuccessful
Your session has expired and you have been logged out.
This could be due to the following reasons:
You may have saved a wrong bookmark:
Please bookmark http://www.gmx.com/ for future logins.
You have tried to refresh the page:
Due to security reasons, you may not refresh a page while logged into your account.
Please log in again on the gmx.com website.
You may find further information on this topic in our online help section.
http://help.gmx.com/mail/
If the problem persists, please use the contact form to inform us.
Error code EC_MCS_CoAuTo_null_3659


NEXT, I placed the above "Error code" (Error code EC_MCS_CoAuTo_null_3659) in my Startpage (or Ixquick) search page to see what I could find, and I found the following 3 links:
(1) privacy questions
forum.gmx.com/forum/posts/list/30/345.page - View by Ixquick Proxy - Highlight
Sep 19, 2012 ... Error code EC_MCS_CoAuTo_null_3659. (I assume this means something like “ We don't know what you did, but it has been wrong anyway”) ...
(2) Your login was unsuccessful - Gmx
http://www.gmx.com/mcstarter/error.html?type=MCS_CoAuTo - View by Ixquick Proxy - Highlight
... in our online help section. http://help.gmx.com/mail/. If the problem persists, please use the contact form to inform us. Error code EC_MCS_CoAuTo_null_3659.
(3) Votre connexion a echoué
http://www.gmx.fr/ mcstarter/ mail.html?sid=13707018304:437380LIhB6SY4J-2apS1MAlqrCA5BBLVNFESW:10 &partnerdata=partner.anonymous - View by Ixquick Proxy - Highlight
Si le problème persiste, nous vous prions d'utiliser le formulaire de contact pour nous informer. Error code EC_MCS_CoAuTo_null_3659.

-----------------

NEXT, I checked my NoScript add-on to see if any new scripts had been added to the GMX login page, and THERE WAS A "NEW" SCRIPT DISPLAYING (ready for me to either allow or disallow)...called "uicdn.com".

The first thing I did was to "middle-click" the uicdn.com script and follow the links that NoScript displays for checking security & privacy info, and this page popped up:
uicdn.com
Security and Privacy Info
This service is experimental and far from being complete yet.
Currently it provides links to other resources helping to assess the security and privacy trustworthiness of uicdn.com.
....WOT Scorecard about uicdn.com
....McAfee SiteAdvisor® rating for uicdn.com
....Webmaster Tips Site Information about uicdn.com
....Safe Browsing Diagnostic on uicdn.com
....hpHost Report on uicdn.com
We hope to keep adding new tools and features over the time, making trust-based decisions easier for NoScript users.
Privacy Disclaimer
NOSCRIPT.NET does not retain any personal-identifiable record about your "Security and Privacy Info" queries.


NEXT, I checked all 5 links, but I couldn't find much. WOT and McAfee have nothing listed for it; Google either; thus the reason they've found nothing wrong with it in the last 90 days.

NEXT, I tried searching the internet to read up on "uicdn.com", but I still couldn't find anything.

NEXT, I also tried these search words on my Startpage search engine:
what is uicdn.com script doing on my GMX email login page?
......and "1 of the 4 links" was a link to bugzilla.mozilla.org:
819871 – Nightly: can not login at Mail.com
https://bugzilla.mozilla.org/show_bug.cgi?id=819871 - View by Ixquick Proxy - Highlight
I still can't login at mail.com this seems to be a regression from ... Source File: http ://s.uicdn.com/service.mail.com/client/static/script/compiled-gecko. ... to put some of that into my own mail to make it seem that I know what I'm talking about ;) ... could submit it): Dear mail.com, It looks l


You can click that link above or here is the actual link:
https://bugzilla.mozilla.org/show_bug.cgi?id=819871


NOTE: KEEP IN MIND this "Nightly" discussion is referring to "Mail.com". HOWEVER, they state that mail.com is owned by "GMX"...THE EMAIL SERVICE THAT I'M "APPARENTLY" HAVING THE SAME PROBLEM WITH!

AND HERE is what the first comment begins with:
Frank 2012-12-10 01:00:40 PST
User Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:20.0) Gecko/20121209 Firefox/20.0 Build ID: 20121209030817 Steps to reproduce: Try to login at Mail.com
Actual results: I get a blank white page, nothing happens, I'm not forwarded to my inbox issue persists since Wednesday December 5th
Expected results: I should get forwarded to my inbox


...AND SOME MORE COMMENTS:
I think it would be better to get the site to fix the bug.

OK, let's start there. Frank, since you use the site, are you willing to contact them to complain about this bug in their code? They're depending on non-standard functionality that was removed...

hey Boris,
sure I would. But I guess if a representative of Mozilla contacts Mail.com and explains the issue, that Firefox users from the near future on will no longer be able to use their services, it would have a bigger effect, than an anonymous user complaining about something code-related. Just tell me if you could do this, otherwise I'll try to.

Not tracking, evang issue. If the site is relying on non-standard functionality that has been removed I suspect we are not considering putting that functionality back to be an option so for now please keep trying to reach out to the site. If this is still an issue when 20 gets to Aurora we can revist other options weighing the number of users we suspect will be affected against the risks of perhaps backing out whatever removed the functionality.

Boris Zbarsky (:bz) 2012-12-19 22:39:54 PST
I just sent this through the feedback form (after making up a mail.com address so I could submit it): Dear mail.com, It looks like there is a script on your login page that attempts to insertRule a rule with the non-standard ":-moz-placeholder" pseudo-class in it into a stylesheet. Unfortunately, support for that non-standard pseudo-class has been removed in Firefox 19 (which will ship in mid-February 2013) and newer. This makes the insertRule call throw an exception, which is not caught by the script, and that makes it impossible to log in to the site. See https://bugzilla.mozilla.org/show_bug.cgi?id=819871 for more information, or feel free to contact me directly.


----------------------

I did find a GMX online "help" page and posted my problem (approx. 1am Saturday, Feb.16), HOWEVER, I have no idea when OR even "if" I will get a response (most of my help questions in the past were either ignored or I was given answers that had nothing to do with my questions).

NOTE: I don't want to allow scripts that I am unfamiliar with to run on my PC, plus...after reading the "Nightly" discussion...it sounds like that "uicdn.com" script doesn't work right anyway(?), so allowing it to run on my PC might not work.

I do need access to my GMX accounts, so I'm hoping that either you and/or NoScript can assist me. Should I simply allow the uicdn.com script listed in NoScript to run...OR...should I somehow let Mozilla "Nightly" know that I am having problems with a "blank page" like they have discussed with "Mail.com"(which they state is also owned by GMX)?

P.S. The reason I am trying to access a specific GMX account "currently" is because a website has offered a FREE eBook "IF" you get it within the next couple or so days (as of Friday night, Feb 15). I filled out my form and was told to go to my GMX account and simply LINK to a URL, and I would receive the eBook download. I do NOT wish to give out my Hotmail email address to that website, so now I don't know if I'll be able to get that eBook or not because the offer could stop at any time now! AND all this because of a bad "script"? Again...if I click on that new script called "uicdn.com", will that solve my problem? Is it safe to click on it? NOTE that according to the "Nightly" discussion, that "uicdn.com" script isn't functioning correctly either (on Mail.com). Evidently, the same problem has now been included with the owner of that website, GMX email, sometime within the last 1-2 months. Plus...it looks like Mozilla is saying "they could solve the problem", but they are trying to get the GMX owners of Mail.com to solve it (again, just for Mail.com). I guess, "if" this is the same problem, GMX will ALSO need to solve their problem. What advice do you have for me?

(I really do want that eBook and I hope it's not too late to get it; that is "if" it's not too late already...and I can actually "see" my GMX email pages.)
Win7 64-bit Windows Professional 4Gb RAM/Firefox 20.0.1 (Adblock Plus, Better Privacy, NoScript)/Avast Free 7/MBAM on demand/SpywareBlaster/SAS on demand/WinPatrol

JayhawksRock

User avatar
 
Posts: 8788
Joined: October 24th, 2010, 8:51 am

Post Posted February 17th, 2013, 1:49 pm

Site registration shows uicdn.com is a web bot located in Germany > http://whois.domaintools.com/uicdn.com Can't you just block it if you have a concern? There is no reference to it in the page source of the Main GMX page that I can find. This http://www.gmx.com/ page, right click choose view source and search for uicdn.com gives me nothing.

Clear you cache and any cookies related to the webbsite and see what happens. I would have told you to try the site in Mozilla Safe mode but because it disables all extensions ... oh well use IE instead when using that site. Or Just pay for the book ](*,) :-"
"Outside of a dog, a book is a man's best friend. Inside of a dog it's too dark to read." ~ Groucho Marx

Grumpus

User avatar
 
Posts: 9326
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Post Posted February 17th, 2013, 2:26 pm

Web based email sites are not necessarily the best for security, my own provider suggested not using theirs.
That said, gut hunch is there is some kind of re-direct condition occurring which may be relative to the script issue.
It might not hurt to address the properties of the bookmark or link.
Check your cookies for third party additions which do not belong or seem unfamiliar, if you have a traffic monitor watch to see what pops up when you link to the site. If you have an automated login set up try a manual method.
Scan your system for for the usual skunkware but concern for a rootkit might not be out of place if this is an improper re-direct.
uicdn.com appears to come from a Karlruhe, Germany IP (213.165.66.151). on "One & One Internet
Read and consider the following about:config settings (descriptions)
dom. allow_scripts_to_close_windows
dom. disable_image_src_set
dom. disable_window_open_feature. *
dom. disable_window_status_change
dom. event. contextmenu. enabled
dom. ipc. plugins. enabled. timeoutSecs
dom. max_chrome_script_run_time
dom. max_script_run_time
security. xpconnect. plugin. unrestricted <-----Note
signed. applets. codebase_principal_suppor

Lastly you need to be wary of any "free" offers on the Internet, not that you don't know this, but it had to be said as many are marketing or scam mechanisms and rarely perform the way they say and many cases become invasive in their search for information.

IMB4U

User avatar
 
Posts: 44
Joined: March 3rd, 2009, 10:27 pm
Location: USA

Post Posted February 17th, 2013, 4:26 pm

@JayhawksRock...GMX has its emails in Germany and the USA. I was thinking that the new script belongs to GMX since it is in Germany, or the Netherlands. "Uicdn.com" IS already blocked by NoScript. NoScript shows there to be 4 sites that want to run scripts which I could allow to run (no need to allow Facebook and I won't allow Doubleclick):
(1) gmx.com (allowed already)
(2) uicdn.com
(3) facebook.com
(4) doubleclick.net

What I was trying to ask was it all right to allow #2, uicdn.com, to run? Since I couldn't find hardly anything on it, I didn't just want to simply allow it without some guidance.

The other thing is that when I found the discussion in the Bugzilla page about mail.com (owned by GMX) showing a "blank page", also (just like mine), and that there even appears to be a problem with uicdn.com running a script, I thought perhaps somebody here might have an answer for me. YES, I certainly can click "allow" uicdn.com in NoScript for that linked GMX web paqe you listed...BUT...I wanted to know if it was safe to do that? In all likelihood, if I do click on it, according to Bugzilla, I will still get a blank page...maybe. :roll:

Also, I don't want to use IE because it doesn't have NoScript.

In addition, I don't have any money to pay for the book; thus, the reason I was excited to get it free!
------------

@Grumpus...I know about web-based email, but I do thank you for your input. I don't use GMX "except" on rare occasions, like this for instance, and I don't use it because there "were" just too many problems with it.
Regarding caution when downloading from the internet, I realize one should be very cautious. This eBook is by a guest that was on a well-established radio program when he made the offer, and I trust the guest and the radio program...even though negative "stuff" can happen on the best of sites.

Thank you two for trying to help me. Perhaps I should go ahead and ask the NoScript forum if they know anything about uicdn.com; after all, the worst that can happen is that they won't know anything. Unless GMX online support responds to my request, I guess I'll just need to forget about the eBook...and also forget about getting into any files I have still in GMX until this issue gets solved; my problem, not yours. :wink:

Also, I might check back at that Bugzilla web page to see if they received any correspondence back from mail.com (which GMX owns). If mail.com would fix the problem, perhaps the effect would domino on over to GMX...that's probably a big perhaps.
Win7 64-bit Windows Professional 4Gb RAM/Firefox 20.0.1 (Adblock Plus, Better Privacy, NoScript)/Avast Free 7/MBAM on demand/SpywareBlaster/SAS on demand/WinPatrol

Grumpus

User avatar
 
Posts: 9326
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Post Posted February 18th, 2013, 6:23 am

Oblique:
Some ISPs have allowed the advertisers to block access or allow very limited access unless advertising is allowed. While I find this contentious it seems to be the way some sites operate. It may very well be this could be part of the problem, since NoScript is involved. On the other hand some sites are so dependent or designed to be so for JavaScript it is impossible to complete or see further than a minimal opening page with JavaScript off or partially blocked. I'd be inclined to think it may be something like this instead of a bug, though some may define it as such.

Return to Firefox Support


Who is online

Users browsing this forum: malliz and 17 guests