Jira and Bitbucket can't log in with Shields on

deads · October 19, 2020, 8:01pm

Description of the issue:
Can’t log in to Jira Cloud, Confluence Cloud, or Bitbucket with Shields enabled
Exact URL of the website in question:
https://bitbucket.org/account/signin
Did the issue present with default Shields settings? (yes/no)
Yes
Does the site function as expected when Shields are turned off?
No - a second site (id.atlassian.com) is used to process the login, and default settings still have Shields enabled on that site
Is there a specific Shields configuration that causes the site to break? If so, tell us that configuration. (yes/no):
No
Does the site work as expected when using Chrome?
Yes
Brave version (check About Brave):
Version 1.15.75 Chromium: 86.0.4240.99 (Official Build) (x86_64)

The following Atlassian applications seem to have trouble with the standard Shields configuration:

Jira Cloud, Confluence Cloud (url pattern: yoursite.atlassian.net)
Bitbucket bitbucket.org
Trello, if account has been migrated to Atlassian account trello.com

These sites all process their logins through id.atlassian.com and redirect back to the original host. Something with the default Shields configuration makes the login fail. Disabling Shields on the application site doesn’t help, because Shields are still enabled at the actual ID site.

Found a previous post here alluding to the same cause, although lack of information had it go unsolved: Jira is not working with brave

Enabling third-party cookies for *.atlassian.net, *.atlassian.com, bitbucket.org, and trello.com seems to do the trick.

fanboynz · October 19, 2020, 9:05pm

github.com/brave/brave-browser

Unable to login to bitbucket.org

opened 09:56PM - 31 Aug 20 UTC

closed 07:59PM - 02 Nov 20 UTC

ryanbr

feature/shields priority/P3 QA/No release-notes/exclude feature/shields/webcompat workaround/allow-all-cookies feature/shields/cookies feature/cookie-allow-list OS/Desktop

## Description Unable to login to bitbucket.org website ## Steps to Reproduce 1. Login https://bitbucket.org/account/signin/ 2. Click on Google signin 3. Fails to login, generates error message ## Actual result: ![atassian-error](https://user-images.githubusercontent.com/1659004/91771859-d6d71e00-ec37-11ea-9571-895a6d45bd55.png) ## Expected result: Allow user to login ## Reproduces how often: Easily ## Brave version (brave://version info) `Version 1.13.82 Chromium: 85.0.4183.83 (Official Build) (64-bit)` ## Version/Channel Information: - Can you reproduce this issue with the current release? Yes - Can you reproduce this issue with the beta channel? Yes - Can you reproduce this issue with the nightly channel? Yes ## Other Additional Information: - Does the issue resolve itself when disabling Brave Shields? - Does the issue resolve itself when disabling Brave Rewards? - Is the issue reproducible on the latest version of Chrome? ## Miscellaneous Information: Was reported. https://twitter.com/buggydebugger/status/1300426570364928000 2 Cookie issues being affected, (Bitbucket.org & atlassian.com) and (atlassian.net & atlassian.com:)

deads · October 19, 2020, 9:13pm

Yes, this is it. I even went the shorter path and tried changing the setting to “Allow all cookies” only on id.atlassian.com and that seemed to make the login flow work.

deads · October 19, 2020, 9:22pm

Happily awaiting that PR merge

pandey · October 21, 2020, 11:23am

but that’s not the right way to login, right?
Allowing all cookies. And not the motto of brave-browser.

deads · October 21, 2020, 10:26pm

Looking at the PR, there seems to be an exceptions list in Shield for certain sites. Atlassian has multiple domains under its umbrella but needs to authenticate to a single spot. Looking through the exceptions list there are other domains such as Google, Wordpress, Ubisoft, Twitch, etc…

github.com

brave/brave-core/blob/master/chromium_src/components/content_settings/core/common/cookie_settings_base.cc

/* Copyright (c) 2020 The Brave Authors. All rights reserved.
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
 * You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "components/content_settings/core/common/cookie_settings_base.h"

#include "base/no_destructor.h"
#include "base/optional.h"
#include "net/base/registry_controlled_domains/registry_controlled_domain.h"
#include "components/content_settings/core/common/content_settings.h"
#include "components/content_settings/core/common/content_settings_pattern.h"
#include "url/gurl.h"
#include "url/origin.h"

namespace content_settings {

namespace {

constexpr char kWp[] = "https://[*.]wp.com/*";

This file has been truncated. show original

fanboynz · October 22, 2020, 11:44am

Don’t allow all cookies for all sites, just this instance its needed.

system · November 21, 2020, 11:44am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Some authentication methods fail with shields up, but it only flashes momentarily and there's no chance to select shields down Web Compatibility bug , shields , feature-request	2	448	December 16, 2020
Cannot login to bitbucket.org Browser Support linux	2	1038	November 18, 2020
Overall features within multiple websites not working Web Compatibility	3	559	October 30, 2019
Jira is not working with brave Web Compatibility	3	868	August 14, 2019
Brave Shields break Uphold's login page Web Compatibility shields	2	503	March 29, 2019
Can't log into known good site Web Compatibility	2	317	October 24, 2022
Broken Site: ThemeHigh Zendesk Web Compatibility shields	3	396	June 14, 2021
Cannot log into various sites that previously work since last update with or w/o shields Browser Support macos	3	304	August 5, 2020

Jira and Bitbucket can't log in with Shields on

Related Topics