Page MenuHomePhabricator
Create Task
Maniphest T214451

[Bug] A large amount of our errors are occurring in iOS Safari
Closed, DuplicatePublic
Actions

Description

About 50% of our client side errors in Minerva seem to be coming from iOS. Today I spent some time on Browserstack in iOS Safari and was surprised to find quite a few bugs in the console just by exploratory testing, hitting URIS obtained from Hive [1]. It would be great to commit some time to browsing the website via Browserstack and identifying bugs. In this ticket I already record 2 specific bugs I've found (haven't checked if I can replicate them locally).

It would be excellent to focus on this problem, either by running some extensive exploratory testing on iOS or by adding Sentry-like capabilities and targeting specific problems.

[1] select referer, count(*) from webrequest where hour = 23 and day = 22 and month = 1 and year = 2019 and uri_path LIKE '%beacon%' and access_method = 'mobile web' and uri_query LIKE "%WebClientError%" group by referer;

Details

SubjectRepoBranchLines +/-
Explicitly pass in parseHTMLmediawiki/extensions/MobileFrontendwmf/1.33.0-wmf.14+14 -6
Explicitly pass in parseHTMLmediawiki/extensions/MobileFrontendwmf/1.33.0-wmf.13+15 -7
Fix page-issues overlay error in Safarimediawiki/skins/MinervaNeuemaster+1 -1
Explicitly pass in parseHTMLmediawiki/extensions/MobileFrontendmaster+14 -6
Customize query in gerrit

Related Objects

Event Timeline

Jdlrobson created this task.Jan 23 2019, 1:36 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 23 2019, 1:36 AM
Jdrewniak updated the task description. (Show Details)Jan 23 2019, 7:57 AM
Jdrewniak updated the task description. (Show Details)Jan 23 2019, 8:01 AM
gerritbot subscribed.Jan 23 2019, 9:00 AM

Change 486032 had a related patch set uploaded (by Jdrewniak; owner: Jdrewniak):
[mediawiki/skins/MinervaNeue@master] Fix page-issues overlay error in Safari

https://gerrit.wikimedia.org/r/486032

gerritbot added a project: Patch-For-Review.Jan 23 2019, 9:00 AM
Jdrewniak triaged this task as High priority.Jan 23 2019, 9:05 AM
Jdrewniak edited projects, added Web-Team-Backlog (Readers-Web-Kanbanana-Board-2018-19-Q3); removed Web-Team-Backlog.
Jdrewniak moved this task from To Do to Needs Code Review on the Web-Team-Backlog (Readers-Web-Kanbanana-Board-2018-19-Q3) board.
Jdrewniak updated the task description. (Show Details)Jan 23 2019, 10:06 AM
Jdlrobson edited projects, added Web-Team-Backlog, Epic; removed Web-Team-Backlog (Readers-Web-Kanbanana-Board-2018-19-Q3).Jan 23 2019, 3:53 PM

We can spin out a more specific task for the page issues problem if necessary but i was thinking of this more like an epic since the other issue i saw did not seem to be page issues related

CKoerner_WMF subscribed.Jan 23 2019, 4:41 PM
Jdlrobson moved this task from Incoming to Needs Prioritization on the Web-Team-Backlog board.Jan 23 2019, 5:28 PM
gerritbot added a comment.Jan 23 2019, 8:09 PM

Change 486145 had a related patch set uploaded (by Jdlrobson; owner: Jdlrobson):
[mediawiki/extensions/MobileFrontend@master] Explicitly pass in parseHTML

https://gerrit.wikimedia.org/r/486145

gerritbot added a comment.Jan 23 2019, 8:09 PM

Change 486146 had a related patch set uploaded (by Jdlrobson; owner: Jdlrobson):
[mediawiki/extensions/MobileFrontend@wmf/1.33.0-wmf.13] Explicitly pass in parseHTML

https://gerrit.wikimedia.org/r/486146

gerritbot added a comment.Jan 23 2019, 8:10 PM

Change 486147 had a related patch set uploaded (by Jdlrobson; owner: Jdlrobson):
[mediawiki/extensions/MobileFrontend@wmf/1.33.0-wmf.14] Explicitly pass in parseHTML

https://gerrit.wikimedia.org/r/486147

gerritbot added a comment.Jan 23 2019, 9:03 PM

Change 486145 merged by jenkins-bot:
[mediawiki/extensions/MobileFrontend@master] Explicitly pass in parseHTML

https://gerrit.wikimedia.org/r/486145

gerritbot added a comment.Jan 23 2019, 9:52 PM

Change 486032 abandoned by Jdrewniak:
Fix page-issues overlay error in Safari

Reason:
Abandoned in favour of https://gerrit.wikimedia.org/r/#/c/486145/

https://gerrit.wikimedia.org/r/486032

ReleaseTaggerBot added a project: MW-1.33-notes (1.33.0-wmf.16; 2019-02-05).Jan 23 2019, 10:00 PM
gerritbot added a comment.Jan 24 2019, 12:24 AM

Change 486146 merged by jenkins-bot:
[mediawiki/extensions/MobileFrontend@wmf/1.33.0-wmf.13] Explicitly pass in parseHTML

https://gerrit.wikimedia.org/r/486146

gerritbot added a comment.Jan 24 2019, 12:25 AM

Change 486147 merged by jenkins-bot:
[mediawiki/extensions/MobileFrontend@wmf/1.33.0-wmf.14] Explicitly pass in parseHTML

https://gerrit.wikimedia.org/r/486147

Stashbot subscribed.Jan 24 2019, 12:34 AM

Mentioned in SAL (#wikimedia-operations) [2019-01-24T00:34:31Z] <thcipriani@deploy1001> Synchronized php-1.33.0-wmf.14/extensions/MobileFrontend: SWAT: [[gerrit:486147|Explicitly pass in parseHTML]] T214451 (duration: 00m 57s)

Stashbot added a comment.Jan 24 2019, 12:42 AM

Mentioned in SAL (#wikimedia-operations) [2019-01-24T00:42:45Z] <thcipriani@deploy1001> Synchronized php-1.33.0-wmf.13/extensions/MobileFrontend: SWAT: [[gerrit:486146|Explicitly pass in parseHTML]] T214451 (duration: 00m 55s)

Krinkle subscribed.Jan 24 2019, 12:45 AM

Please beware that passing in document as context for parseHTML disables the security guards provided by jQuery, and thus makes it equivalent to $() for most purposes, including that inline scripts may end up being evaluated and executed.

The nodes created by parseHTML are detached by default (you have to insert or append them somewhere) from both any parent, as well as any document. This last bit is what makes it secure, and also what makes it different from a plain document.createElement('div').innerHTML = assignment. Rather, it's effectively like document.implementation.createHTMLDocument().createElement('div').innerHTML =.

This difference should only be observable when code is attempting to access the owner document before your code has decided where to insert the element, which tends to be a sign that something has gone wrong somewhere.

It'd be nice if you could trace down what code is attempting this kind of access. And if that is occurring within jQuery, to create a minimal test case. I can help prioritise it upstream. At that point I could also help find a different workaround in the interim, one that doesn't open us up to the security problem that jQuery 3.0 fixed.

Krinkle added a project: Performance-Team (Radar).Jan 24 2019, 12:46 AM
Jdlrobson removed a project: Patch-For-Review.Jan 24 2019, 12:59 AM

Please beware that passing in document as context for parseHTML disables the security guards provided by jQuery, and thus makes it equivalent to $() for most purposes, including that inline scripts may end up being evaluated and executed.

Yup, and View's should be safe in this regard. Previously they were using $() and we overlooked this when migrating to parseHTML.

ReleaseTaggerBot edited projects, added MW-1.33-notes (1.33.0-wmf.14; 2019-01-22); removed MW-1.33-notes (1.33.0-wmf.16; 2019-02-05).Jan 24 2019, 1:00 AM
Jdrewniak moved this task from Needs Prioritization to Epics/Goals on the Web-Team-Backlog board.Jan 24 2019, 9:43 AM
Krinkle moved this task from Limbo to Watching on the Performance-Team (Radar) board.Jan 29 2019, 6:28 PM
Krinkle added a comment.Feb 18 2019, 2:18 PM
In T214451#4904462, @Jdlrobson wrote:

Please beware that passing in document as context for parseHTML disables the security guards provided by jQuery [..]

Yup, and View's should be safe in this regard. [..]

Do you mean that mean that View is never used to display interface messages (e.g. mw.msg) and never used to display user input (e.g. search queries, edit summaries, block reasons etc.). Or that these kinds of values will only ever be inserted through safe DOM methods (like text()) after parsing, and not through string interpolation as part of what is parsed initially?

Jdlrobson updated the task description. (Show Details)Feb 20 2019, 9:48 PM
Jdlrobson added a comment.Feb 20 2019, 9:51 PM

We are essentially using it like createElement (in fact in future we might consider replacing it with that). It will never be passed interface messages.
Right now this is the most complicated usage of it:

this.parseHTML( '<p class="content empty">' ).text( mw.msg( 'mobile-frontend-donate-image-nouploads' ) )

but normal usages look like:

return util.parseHTML( '<div>' ).html( html ).text();
Krinkle mentioned this in T220467: Reevaluate util.parseHTML semantics in MobileFrontend.Apr 9 2019, 2:10 AM
Jdlrobson closed this task as a duplicate of T217142: [Proposal] Use the Kafka-Logstash logging infrastructure to log client-side errors.May 2 2019, 3:49 PM

Merged into logging infrastructure task, as there's little we can do to identify and fix these bugs without the stack trace.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL