Only desktop has networking issues with banking website logins

preconiseencaustic · 2025-12-03 18:21:57

I do get a CORS error on page load for the login screen at https://www.discover.com/login/ if I'm using uBlock Origin. It seems mostly related to tracking and advertising junk as you'd expect though.

Without ublock, there's a ton of warnings, and a few errors. Again, this is just loading the login screen, not actually trying to log in:

Two errors:
GET
https://h64.online-metrix.net/<long_path>
Fingerprinting

POST
https://173bf10e.akstat.io/
NS_BINDING_ABORTED

Neither look important to me.

Sending the login attempt gives the following:

XHRPOST
https://portal.discover.com/enterprise/universal-login/v1/login
CORS Missing Allow Origin

XHROPTIONS
https://portal.discover.com/enterprise/universal-login/v1/login
[HTTP/1.1 200 OK 204ms]

XHRPOST
https://smetrics.discover.com/ee/va6/v1/interact?configId=<long_id>
[HTTP/2 200  114ms]

XHRGET
https://unpkg.com/@rive-app/canvas@2.26.1/rive.wasm
[HTTP/3 200  0ms]

XHRGET
data:application/octet-stream;base64,<long_base64_data - no error>

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://portal.discover.com/enterprise/universal-login/v1/login. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 302.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://portal.discover.com/enterprise/universal-login/v1/login. (Reason: CORS request did not succeed). Status code: (null).

default error happened.... index-DiphUGVN.js:160:19005
XHRGET
https://portal.discover.com/psv1/notification.html
NS_ERROR_UNEXPECTED

This is using systemd-resolved so no changes from that as expected.

What can I try next?

seth · 2025-12-03 22:22:34

A different bank?
Legit CORS errors are server bugs

Sending the login attempt gives the following:

Do you get the same when providing some invalid junk login/password or only with your proper credentials (in which case I get a 403 but no CORS error)

 curl -vL  https://portal.discover.com/enterprise/universal-login/v1/login > /dev/null

gets me a 404
Do you currently have issues other than with your bank?
Do you constrain/filter javascript in any way?

Have you btw. tried wiping the browser cache or using the porn mode to make sure there's no cache at play?

preconiseencaustic · 2025-12-03 22:39:44

That's the thing though, it's not a server side error (nor a web page error) as I can use a different Arch computer without issues, including my phone browser.

The behavior is identical no matter what user/password combination is attempted, as again this never reaches their servers.

The only other issues were those noted earlier in the thread, which we seem to have proven is unrelated. I only use uBlock Origin for filtering, and turning it on or off doesn't change the behavior (though as per above uBlock Origin does create more errors for not loading their tracking/spyware/adware).

I've tried resetting browser cache, private browsing, and 3 different browsers in total on this computer. I don't know what other configuration could be causing this problem, but it is seemingly specific to this computer.

seth · 2025-12-03 22:55:49

it is seemingly specific to this computer.

pacman -Qikk ca-certificates ca-certificates-mozilla ca-certificates-utils

And check

date

on whether the system time is correct.

https://flathub.org/en/apps/org.mozilla.firefox
https://wiki.archlinux.org/title/Flatpak
Should™ largely insulate you from the OS.

Also please post the output of

curl -vL  https://portal.discover.com/enterprise/universal-login/v1/login > /dev/null

preconiseencaustic · 2025-12-04 03:12:49

Here's the flatpak full browser console output:

downloadable font: Glyph bbox was incorrect (glyph ids 149 364 400 543 582) (font-family: "DiscoverSans-Medium" style:normal weight:400 stretch:100 src index:1) source: https://www.discover.com/etc.clientlibs/dfs-core/clientlibs/clientlib-core/resources/font/discoversans/woff2/DiscoverSans-Medium.woff2
downloadable font: Glyph bbox was incorrect (glyph ids 74 149 200 364 400 543 554 582) (font-family: "DiscoverSans-Semibold" style:normal weight:400 stretch:100 src index:1) source: https://www.discover.com/etc.clientlibs/dfs-core/clientlibs/clientlib-core/resources/font/discoversans/woff2/DiscoverSans-Semibold.woff2
downloadable font: Glyph bbox was incorrect (glyph ids 74 149 233 364 367 394 400 543 554 582) (font-family: "DiscoverSans-Bold" style:normal weight:400 stretch:100 src index:1) source: https://www.discover.com/etc.clientlibs/dfs-core/clientlibs/clientlib-core/resources/font/discoversans/woff2/DiscoverSans-Bold.woff2
unreachable code after return statement
R1g:1:506126
Use of the orientation sensor is deprecated. R1g:1:183586
Use of the motion sensor is deprecated. R1g:1:183772
InstallTrigger is deprecated and will be removed in the future. R1g:1:188973
downloadable font: Glyph bbox was incorrect (glyph ids 17 18 19 22 24 28 29 31 33 34 35 37 41 50 55 58 61 64 72 79 84 90 91 93 94 95 96 99) (font-family: "dnicons" style:normal weight:400 stretch:100 src index:1) source: https://www.discover.com/etc.clientlibs/dfs-core/clientlibs/clientlib-core/resources/font/dnicons/ttf/dnicons.ttf?uucx8p
discover_toolkit.js with memeberSetup function called clientlib-base.min.ACSHASHe1ed0c675f9793cb6f47eb93b276f376.js:23:365
This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”.
mpnuq4dv8buwq7b1.js:167:9
Cookie warnings 17
Partitioned cookie or storage access was provided to “<URL>” because it is loaded in the third-party context and dynamic state partitioning is enabled. 8
Ignoring unsupported entryTypes: longtask. datadog-rum.js:1:53591
Partitioned cookie or storage access was provided to “https://cdnssl.clicktale.net/uxa/xdframe-single-domain-1.2.0.html?pid=2052” because it is loaded in the third-party context and dynamic state partitioning is enabled.
xdframe-single-domain-1.2.0.html:1:300
Partitioned cookie or storage access was provided to “https://www.googletagmanager.com/static/service_worker/5ba0/sw_iframe.html?origin=https%3A%2F%2Fwww.discover.com” because it is loaded in the third-party context and dynamic state partitioning is enabled.
sw_iframe.html:15:769
InstallTrigger is deprecated and will be removed in the future. iClcG3VpKUin5dZ5:592:9
This page is in Almost Standards Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”.
activityi;src=3470633;type=test_0;cat=globa00;ord=6564172282183;npa=0;auiddc=2022923468.1764816305;u18=/gateway/unk;u19=34853441473799312871740135740481441783;u20=;u21=;u6=;pscdl=noapi;frm=0;_tu=IFA;gtm=45fe5c21v9190712715za200zd9190712715xec;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391253~115583767~115938466~115938469~116184927~116184929~116217636~116217638~116518834;epver=2;dc_random=1764816305_dAxv9gtoU4D5dgnuYQYz3EuTnR2OePBjFA;_dc_test=1;~oref=https://www.discover.com/
The resource at “https://h64.online-metrix.net/dTbJZzRuEi0GL_BV?8507539d61fbbd6c=ivJ9HyoRni-NRGFVYT26xYgHufby7V4XQlr_Oyn1YwvOgNKuAic9_sFBHHUFPOrfNS8K7e4aLW1deCV5x6AM85pwyGZGiSw0PqBGx_-JSaAaYIH0k6hFpQu9-q-ra0sZRhv6Um7w_604hpdOUy1zfjpQs4sUShnmdgB3MuLzTkhZ2fcYjUAyHDdcdh_AVA” was blocked because Enhanced Tracking Protection is enabled.
www.discover.com
Cookie “_sp_root_domain_test_1764816305814” has been rejected for invalid domain. www.discover.com
This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”.
mYvN-JRNZbfWSu2L
WebGL warning: linkProgram: Must have a compiled fragment shader attached: Missing shader.
WebGL warning: vertexAttribI?Pointer: `index` (4294967295) must be < MAX_VERTEX_ATTRIBS.
WebGL warning: enableVertexAttribArray: -1 is not a valid `index`. This value probably comes from a getAttribLocation() call, where this return value -1 means that the passed name didn't correspond to an active attribute in the specified program.
Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. mYvN-JRNZbfWSu2L
WEBGL_debug_renderer_info is deprecated in Firefox and will be removed. Please use RENDERER. iClcG3VpKUin5dZ5:1697:18
Cookie “_fbp” has been rejected for invalid domain. www.discover.com
This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”.
Ild-BxBJIyvGGZFO
WEBGL_debug_renderer_info is deprecated in Firefox and will be removed. Please use RENDERER. R1g:1:20579
This page is in Almost Standards Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”.
activityi;src=3470633;type=consu695;cat=gatew0;ord=1266295479649;npa=0;auiddc=2022923468.1764816305;pscdl=noapi;frm=0;_tu=IFA;gtm=45fe5c21v9190712715za200zd9190712715xec;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391253~115583767~115938466~115938469~116184927~116184929~116217636~116217638~116518834;epver=2;dc_random=1764816306_xK5x63KDPUhRlI1QDWq26pXYsSeeAwYzow;_dc_test=1;~oref=https://www.discover.com/
Cookie “_tt_enable_cookie” has been rejected for invalid domain. www.discover.com
[TikTok Pixel] - Missing 'content_id' paramter
Issue: The 'content_id' parameter isn't being received. This is required for Video Shopping Ads (VSA).
Suggestion: Include the 'content_id' parameter in your source code. This is required for Video Shopping Ads (VSA). See https://ads.tiktok.com/help/article/standard-events-parameters?redirected=2 for more information. main.MTRhZTU1OWY5MA.js:1:288005
WEBGL_debug_renderer_info is deprecated in Firefox and will be removed. Please use RENDERER. R1g:1:468118
WEBGL_debug_renderer_info is deprecated in Firefox and will be removed. Please use RENDERER. R1g:1:468616
Cookie “A3” will soon be rejected because it is foreign and does not have the “Partitioned“ attribute. spp.pl
Partitioned cookie or storage access was provided to “https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10017277&ec=Homepage” because it is loaded in the third-party context and dynamic state partitioning is enabled.

WEBGL_debug_renderer_info is deprecated in Firefox and will be removed. Please use RENDERER. 8c1e7bd4-b013-421b-8574-ee482b2ff7a7:1:8331
WEBGL_debug_renderer_info is deprecated in Firefox and will be removed. Please use RENDERER. 8c1e7bd4-b013-421b-8574-ee482b2ff7a7:1:8531
Cookie warnings 6
This page is in Quirks Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”.
cei
Cookie warnings 10
Partitioned cookie or storage access was provided to “<URL>” because it is loaded in the third-party context and dynamic state partitioning is enabled. 2
Partitioned cookie or storage access was provided to “<URL>” because it is loaded in the third-party context and dynamic state partitioning is enabled. 3
Partitioned cookie or storage access was provided to “<URL>” because it is loaded in the third-party context and dynamic state partitioning is enabled. 3
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://portal.discover.com/enterprise/universal-login/v1/login. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 302.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://portal.discover.com/enterprise/universal-login/v1/login. (Reason: CORS request did not succeed). Status code: (null).

Zero browser plugins installed, zero changes to the browser made other than turning off the basic telemetry in FireFox (just simple settings menu, nothing fancy at all). 1.1.1.1 for DNS, nothing fancy going on at all. Same problem unfortunately. I thought that you might be on to something there.

$ curl -vL  https://portal.discover.com/enterprise/universal-login/v1/login > /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0   0     0   0     0     0     0  --:--:-- --:--:-- --:--:--     0* Host portal.discover.com:443 was resolved.
* IPv6: (none)
* IPv4: 23.32.118.118
*   Trying 23.32.118.118:443...
* ALPN: curl offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [1563 bytes data]
* SSL Trust Anchors:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS change cipher, Change cipher spec (1):
{ [1 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [35 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [3956 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / x25519 / RSASSA-PSS
* ALPN: server accepted http/1.1
* Server certificate:
*   subject: jurisdictionC=US; jurisdictionST=Delaware; businessCategory=Private Organization; serialNumber=2506695; C=US; ST=Illinois; L=Riverwoods; O=DFS Services LLC; CN=www.discovercard.com
*   start date: Mar 20 00:00:00 2025 GMT
*   expire date: Apr 20 23:59:59 2026 GMT
*   issuer: C=US; O=DigiCert Inc; CN=DigiCert EV RSA CA G2
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   Certificate level 2: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
*   subjectAltName: "portal.discover.com" matches cert's "portal.discover.com"
* SSL certificate verified via OpenSSL.
* Established connection to portal.discover.com (23.32.118.118 port 443) from <local_ip> port 38194 
* using HTTP/1.x
} [5 bytes data]
> GET /enterprise/universal-login/v1/login HTTP/1.1
> Host: portal.discover.com
> User-Agent: curl/8.17.0
> Accept: */*
> 
* Request completely sent off
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [281 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [281 bytes data]
< HTTP/1.1 404 Not Found
< strict-transport-security: max-age=63072000; includeSubDomains; preload
< x-dfsresponse: p-obd:plf:edge:<string>
< Content-Length: 0
< Date: Thu, 04 Dec 2025
< Connection: keep-alive
< Set-Cookie: Persist1=<cookie> path=/; Httponly; Secure; samesite=lax
< Set-Cookie: TS01ba2681=<cookie>; Path=/; HttpOnly; Secure; samesite=lax
< Set-Cookie: DCID=www16-aercer; path=/; secure
< Server-Timing: cdn-cache; desc=MISS
< Server-Timing: edge; dur=40
< Server-Timing: origin; dur=25
< Akamai-GRN: 0.a7551702.1764817148.22b623ce
< Set-Cookie: <cookie>; Domain=.discover.com; Path=/; Expires=<date>; Max-Age=<int>; SameSite=None; Secure
< Set-Cookie: <cookie> Domain=.discover.com; Path=/; Expires=<date>; Max-Age=<int>; SameSite=None; Secure
< Server-Timing: ak_p; desc="<timestamp>";dur=1
< 
  0     0   0     0   0     0     0     0  --:--:-- --:--:-- --:--:--     0
* Connection #0 to host portal.discover.com:443 left intact

Date is correct.

I tried connecting my desktop to a mobile hotspot just to see what a different network does - same exact behavior.

Maybe I should revisit the user agents? I was using this browser extension to test: https://webextension.org/listing/userag … tcher.html I tried this one in Chromium and Firefox. Maybe a different approach would be better? Any recommendations?

$ pacman -Qikk ca-certificates ca-certificates-mozilla ca-certificates-utils
Name            : ca-certificates
Version         : 20240618-1
Description     : Common CA certificates - default providers
Architecture    : any
URL             : https://src.fedoraproject.org/rpms/ca-certificates
Licenses        : GPL-2.0-or-later
Groups          : None
Provides        : None
Depends On      : ca-certificates-mozilla
Optional Deps   : None
Required By     : amap  curl  mono  neon  perl-lwp-protocol-https  perl-mozilla-ca  python-certifi  python-httplib2  python-requests  python2-httplib2  qca-qt5  qca-qt6  qt4  veil
Optional For    : lib32-openssl  openssl  openssl-1.0  wget
Conflicts With  : ca-certificates-cacert<=20140824-4
Replaces        : ca-certificates-cacert<=20140824-4
Installed Size  : 0.00 B
Packager        : Jan Alexander Steffens (heftig) <heftig@archlinux.org>
Build Date      : Jun 2024
Install Date    : Jun 2024
Install Reason  : Installed as a dependency for another package
Install Script  : No
Validated By    : Signature

ca-certificates: 0 total files, 0 altered files
Name            : ca-certificates-mozilla
Version         : 3.118.1-1
Description     : Mozilla's set of trusted CA certificates
Architecture    : x86_64
URL             : https://firefox-source-docs.mozilla.org/security/nss/index.html
Licenses        : MPL-2.0
Groups          : None
Provides        : None
Depends On      : ca-certificates-utils>=20181109-3
Optional Deps   : None
Required By     : ca-certificates
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 1088.24 KiB
Packager        : Jan Alexander Steffens (heftig) <heftig@archlinux.org>
Build Date      : Nov 2025
Install Date    : Dec 2025
Install Reason  : Installed as a dependency for another package
Install Script  : No
Validated By    : Signature

ca-certificates-mozilla: 5 total files, 0 altered files
Name            : ca-certificates-utils
Version         : 20240618-1
Description     : Common CA certificates (utilities)
Architecture    : any
URL             : https://src.fedoraproject.org/rpms/ca-certificates
Licenses        : GPL-2.0-or-later
Groups          : None
Provides        : ca-certificates  ca-certificates-java
Depends On      : bash  coreutils  findutils  p11-kit
Optional Deps   : None
Required By     : amap  ca-certificates-mozilla  curl  jdk11-openjdk  jre-openjdk  jre7-openjdk-headless  jre8-openjdk-headless  mono  neon  perl-lwp-protocol-https  perl-mozilla-ca  python-certifi  python-httplib2  python-requests  python2-httplib2  qca-qt5  qca-qt6  qt4  veil
Optional For    : lib32-openssl  openssl  openssl-1.0  wget
Conflicts With  : ca-certificates-java
Replaces        : ca-certificates-java
Installed Size  : 13.63 KiB
Packager        : Jan Alexander Steffens (heftig) <heftig@archlinux.org>
Build Date      : Jun 2024
Install Date    : Jun 2024
Install Reason  : Installed as a dependency for another package
Install Script  : Yes
Validated By    : Signature

ca-certificates-utils: 33 total files, 0 altered files

Edit: So I just tested on the working Arch desktops and they have the same CORS errors despite working fine. Maybe the CORS is a red herring?

Last edited by preconiseencaustic (2025-12-04 03:24:15)

seth · 2025-12-04 08:34:49

Maybe the CORS is a red herring?

banks do not see login attempt hit their servers

What is the source of the second quote (did the bank tell you that?) and what are the actual symptoms on your side?
Has this been re-confirmed after dealing w/ the DNS situation?
Can you wireshark/tcpdump the traffic behind your computer?
Are you running some sort of firewall anywhere in the system?
Have you tried a fresh user on this or the other systems to see whether there's any cached data involved (maybe on the working systems)?

preconiseencaustic · 2025-12-04 16:58:55

Yes, in the past the bank has confirmed that they don't see any login attempts. I'm pretty confident that this is still true, otherwise my account would get locked out after so many failed login attempts. I'm pretty sure I'd get an email if I was locked out, and I'm 100% sure I wouldn't be able to successfully login on the other devices.

I can use wireshark/tcpdump, but I don't have enough experience with them to know what specifically I should do and look for. I'm more familiar with Wireshark, but would still need some guidance on what specifically to do. I've got it setup and functional.

No firewalls present.

I can try to make a new account on this system and see what happens.

Last edited by preconiseencaustic (2025-12-04 16:59:37)

seth · 2025-12-04 20:17:52

I can use wireshark/tcpdump, but I don't have enough experience with them to know what specifically I should do and look for.

You'll have to run that *behind* the local system (eg. on a router) and see whether the traffic gets there.
You can still run it on the local host and make sure the traffic gets to the NIC.

I'd first try fresh users on this and one of the working systems as cross-test.
Do you get all the cookie warnings on the latter as well?

preconiseencaustic · Yesterday 20:31:57

I've finally found a chance to test this again. Creating a new user and logging in works in both system repo Firefox and FlatPak Firefox in the new user's login, but not in my actual user's login. Flatpak *also* seems to work on my actual user's login as well at the moment (I've made literally zero changes since then, haven't even updated system or Flatpak). I don't see the cookie warnings at all anymore.

A private window in my actual user's system Firefox still fails, however Chromium based browsers now work at the moment. Looks like it's, at least presently, isolated to exclusively my system Firefox on this user. I'm not sure why a private window in this system Firefox doesn't work, but then again this entire issue is consistently inconsistent so I have no idea what to think about any of this.

I went ahead and updated my system. Flatpak still works on my actual user, while the system Firefox does not.

Last edited by preconiseencaustic (Yesterday 21:59:24)

seth · Yesterday 22:06:24

Looks like it's, at least presently, isolated to exclusively my system Firefox on this user.

Extensions: https://wiki.archlinux.org/title/Firefo … shoot_Mode
Bogus config: https://wiki.archlinux.org/title/Firefo … gs_storage
Did you https://wiki.archlinux.org/title/Firefo … _validator or https://wiki.archlinux.org/title/Firefo … over_HTTPS or anything from https://wiki.archlinux.org/title/Firefox/Privacy ?

preconiseencaustic · Yesterday 23:11:47

Launching with -safe-mode doesn't fix anything.

Creating a new Firefox profile doesn't fix anything, and I believe this should rule out any config related errors. I don't see any custom created files in /usr/lib/firefox or in ~/.mozilla/firefox/. I only see a prefs.js and not a user.js in the real profile directory.

I don't have a DNSSEC validator on my system, Firefox's DNS over HTTPS setting is disabled, and I don't recall making explicit changes to the Firefox/Privacy page. Going through them:

privacy.trackingprotection.enabled = false
privacy.resistFingerprinting = false
general.useragent.override = unset/null
general.platform.override = unset/null
media.peerconnection.ice.default_address_only = false
media.peerconnection.enabled = true
network.http.sendRefererHeader = 2
network.captive-portal-service.enabled = false
toolkit.telemetry.enabled = grayed out, so I'm presuming I disabled this in the settings GUI instead.  Can't possibly imagine this is relevant, but I'll test it to confirm.  Edit: Re-enabling it doesn't change that setting from being grayed out and set to false, nor does it allow login.
privacy.donottrackheader.enabled = false
network.trr.mode = 0
network.trr.uri = unset/null
network.dns.echconfig.enabled = true  // This one matches privacy page recommendations, but my browser reports it as the default value
network.dns.http3_echconfig.enabled = true  // This one matches privacy page recommendations, but my browser reports it as the default value
geo.enabled = true
browser.safebrowsing.malware.enabled = true
browser.safebrowsing.phishing.enabled = true
browser.safebrowsing.downloads.enabled = true
webgl.disabled = false
javascript.options.wasm = true
javascript.options.wasm_baselinejit = true
javascript.options.wasm_ionjit = unset/null

I was able to find all strings in my prefs.js file which that page instructs to remove. I was able to find the executables listed in /usr/lib/firefox other than /usr/lib/firefox/minidump-analyzer, but I'm guessing the wiki might have an older path for that one since I don't think I would've removed that, and any removed files should have been reinstalled upon browser update (which just happened). I didn't look into omni.ja because I'm positive I wouldn't have touched that, especially if I didn't touch the rest of this.

Last edited by preconiseencaustic (Yesterday 23:15:15)

seth · Yesterday 23:40:51

Firefox's DNS over HTTPS setting is disabled

What if you enable it? (b/c of your previous DNS related issues…)

I believe this should rule out any config related errors.

and still

it's, at least presently, isolated to exclusively my system Firefox on this user

So we know(?) that it's something about your users $HOME that doesn't get picked up by flatpak and only affects FF.

Any hardening efforts like https://wiki.archlinux.org/title/Firejail ?
I'd expect the browser cache to be covered by the new profile but maybe wiping it is a good idea.

Do you use a https://wiki.archlinux.org/title/Proxy_ … _variables ?
Generally compare

printenv

Stracing a browser to check what it reads is likely going to be a humongous amount of data, but

strace firefox |& grep $USER > /tmp/firefox.strace

preconiseencaustic · Yesterday 23:56:14

Using Firefox's DNS over HTTPS doesn't change anything.

So we know(?) that it's something about your users $HOME that doesn't get picked up by flatpak and only affects FF.

Remember this did impact other browsers previously for the majority of my attempts to use them, including FlatPak Firefox. It just isn't *right now* for no understandable reason. I'd bet money that in a few days time it'd fail again in other browsers like it used to despite zero configuration changes.

I do have firejail installed, but I haven't used it in years. A quick read from the Wiki would indicate that I'd have to launch my application from firejail/firetools explicitly, and I'm not doing that.

However, looking up my launch arguments for Firefox in the application shortcut showed some something interesting. I can't find Firefox in the, "KDE Menu Editor" which is the application which appears when I right click Firefox in my launcher and click, "Edit Application". Doing this brings up a blank page within KDE Menu Editor, as if it's trying to load something but can't find it. When trying to search for Firefox within KDE Menu Editor, I can only find the Flatpak version. Yet my "Favorite" for the system Firefox remains in the KDE Launcher, and I can confirm it runs the system version from Firefox's About page.

I'd expect the browser cache to be covered by the new profile but maybe wiping it is a good idea.

I'd really like to keep it if at all possible. I would surely think that the new profile would have the same effect, and again I'm not convinced this is Firefox specific due to the previous history of the problem presenting in other browsers (and history of being inconsistent).

The only envvar I have with proxy is UBUNTU_MENUPROXY=1 so I'm sure that's unrelated.

I'll try an strace and see if I can find anything remotely useful.

seth · Today 00:10:55

However, looking up my launch arguments for Firefox in the application shortcut showed some something interesting.

killall firefox
pgrep firefox | shell be empty
firefox

When testing this it's paramount to take control of what is actually being executed here with which parameters and not rely on some ominous desktop service that maybe rund god knows what with whatever environment.
FF by default will also not spawn new processes but just new tabs or windows, so if there's some stale master process (w/o any windows attached) you might think you're running some new firefox process but are actually not.

preconiseencaustic · Today 02:30:54

I can't see anything useful in the strace, but here it is: https://bpa.st/CRQU6CM3YN4TMYAXXXF6ZPRHHQ

I ran the command, attempted to login, and closed Firefox so the logs should be somewhat minimized by comparison. Let me know if I left any sensitive information please, or if using a pastebin isn't appropriate. I just assumed it'd be too long to post in this forum directly, and didn't see an explicit rule against it.

Closing Firefox never lingers, and if it does, Firefox will give an error that an instance is already open upon attempts to reopen. I'm sure that there are no Firefox processes still running when I attempt to restart it.

seth · Today 10:19:19

For a complete curveball

openat(AT_FDCWD, "/run/user/1000/pulse", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = 113
connect(113, {sa_family=AF_UNIX, sun_path="/run/user/1000/pulse/native"}, 110) = 0
openat(AT_FDCWD, "/run/user/1000/pulse", O_RDONLY|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC) = 248
connect(248, {sa_family=AF_UNIX, sun_path="/run/user/1000/pulse/native"}, 110) = 0

There're not traces of pipewire/wireplumber - are you using pulseaudio?
https://wiki.archlinux.org/title/PulseA … do_no_play and "web shop for happiness drugs…"

preconiseencaustic · Today 16:51:23

I'm using pipewire with the pulse adapters - wireplumber, pipewire-pulse, pipewire-audio, pipewire-alsa, pipewire, libwireplubmer, libpipewire, lib32-pipewire, lib32-libpipewire, and kpipewire are all installed. I don't know of any audio related issues, and I use Easy Effects which is pipewire only so it should more or less be working.

Arch Linux

#26 2025-12-03 18:21:57

Re: Only desktop has networking issues with banking website logins

#27 2025-12-03 22:22:34

Re: Only desktop has networking issues with banking website logins

#28 2025-12-03 22:39:44

Re: Only desktop has networking issues with banking website logins

#29 2025-12-03 22:55:49

Re: Only desktop has networking issues with banking website logins

#30 2025-12-04 03:12:49

Re: Only desktop has networking issues with banking website logins

#31 2025-12-04 08:34:49

Re: Only desktop has networking issues with banking website logins

#32 2025-12-04 16:58:55

Re: Only desktop has networking issues with banking website logins

#33 2025-12-04 20:17:52

Re: Only desktop has networking issues with banking website logins

#34 Yesterday 20:31:57

Re: Only desktop has networking issues with banking website logins

#35 Yesterday 22:06:24

Re: Only desktop has networking issues with banking website logins

#36 Yesterday 23:11:47

Re: Only desktop has networking issues with banking website logins

#37 Yesterday 23:40:51

Re: Only desktop has networking issues with banking website logins

#38 Yesterday 23:56:14

Re: Only desktop has networking issues with banking website logins

#39 Today 00:10:55

Re: Only desktop has networking issues with banking website logins

#40 Today 02:30:54

Re: Only desktop has networking issues with banking website logins

#41 Today 10:19:19

Re: Only desktop has networking issues with banking website logins

#42 Today 16:51:23

Re: Only desktop has networking issues with banking website logins

Board footer