We’re tracking down a bug on our donation website. Some donors reported having issues while donating via credit card.
If you’re facing this issue, please help us to debug and include as many of these as possible:
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:64494
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:64494
Content Security Policy: The page’s settings blocked the loading of a resource at data: (“media-src”). 2
Content Security Policy: The page’s settings observed the loading of a resource at data: (“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings blocked the loading of a resource at data: (“media-src”). 4
Blocked third party https://m.stripe.network/inner.html#url=https%3A%2F%2Fdonate.torproject.org%2F&title=Tor%20Project%20%7C%20Donate&referrer=&muid=[CENSORED]&version=6&preview=false from extracting canvas data. out-4.5.41.js:1:26592
Dev tools show (crtl+shift+j)
TorConnect: Init TorConnect.jsm:238:21
Content Security Policy: Couldn’t parse invalid host 'wasm-eval' 2
TorConnect: observed profile-after-change TorConnect.jsm:245:21
TorConnect: legacyOrSystemTor() TorConnect.jsm:372:21
TorConnect: transitioning state from Initial to Disabled TorConnect.jsm:224:21
[11-18 19:53:58] Torbutton NOTE: Initializing security-prefs.js
[11-18 19:53:58] Torbutton NOTE: security-prefs.js initialization complete
Unexpected event profile-after-change URLQueryStrippingListService.jsm:224
Content Security Policy: Couldn’t parse invalid host 'wasm-eval' 2
Bootstrapped manifest not allowed to use 'resource' directive. chrome.manifest:2
[Exception... "Component returned failure code: 0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH) [nsIXPCComponents_Utils.readUTF8URI]" nsresult: "0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH)" location: "JS frame :: resource://gre/modules/L10nRegistry.jsm :: L10nRegistry.loadSync :: line 707" data: no] 18 L10nRegistry.jsm:707:19
[11-18 19:54:00] Torbutton WARN: Error: setevents stream -> 510 Command filtered
[11-18 19:54:00] Torbutton WARN: Disabling tor display circuit because of an error.
[Exception... "Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIAppStartup.secondsSinceLastOSRestart]" nsresult: "0x80004001 (NS_ERROR_NOT_IMPLEMENTED)" location: "JS frame :: resource:///modules/BrowserGlue.jsm :: _collectStartupConditionsTelemetry :: line 1680" data: no] BrowserGlue.jsm:1680:9
1637265242166 addons.webextension.<unknown> ERROR Loading extension 'null': Reading manifest: Error processing chrome_settings_overrides.search_provider.search_form: String "http://blkchairbknpn73cfjhevhla7rkp4ed5gg2knctvv7it4lioy22defid.onion/search/?q={searchTerms}" must match /^(https:\/\/|http:\/\/(localhost|127\.0\.0\.1|\[::1\])(:\d*)?(\/|$)).*$/ Log.jsm:723
Could not load engine blockchair-onion@search.mozilla.org: Error: Extension is invalid SearchService.jsm:609:17
uncaught exception: Object
Sending message that cannot be cloned. Are you trying to send an XPCOM object? ConduitsChild.jsm:61:19
Unchecked lastError value: Error: Could not establish connection. Receiving end does not exist. store.js:135
holder.deserialize is not a function ExtensionChild.jsm:187
Sending message that cannot be cloned. Are you trying to send an XPCOM object? ConduitsChild.jsm:61:19
holder.deserialize is not a function ExtensionChild.jsm:187
Sending message that cannot be cloned. Are you trying to send an XPCOM object? ConduitsChild.jsm:61:19
holder.deserialize is not a function ExtensionChild.jsm:187
Key event not available on GTK2: key=“u” modifiers=“accel shift” id=“torbutton-new-identity-key” browser.xhtml
Key event not available on some keyboard layouts: key=“r” modifiers=“accel,alt” id=“key_toggleReaderMode” browser.xhtml
Key event not available on some keyboard layouts: key=“i” modifiers=“accel,alt,shift” id=“key_browserToolbox” browser.xhtml
Use of nsIFile in content process is deprecated. 15 NetUtil.jsm:253:8
Security Error: Content at moz-nullprincipal:{622ef1d5-255b-49f6-87be-7dec98d71ad3} may not load data from blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/e6aabcb0-74ec-4c5a-a741-07f299281f73.
Use of nsIFile in content process is deprecated. NetUtil.jsm:253:8
Security Error: Content at moz-nullprincipal:{797197ad-8f27-46b2-aec7-64f22df1cc9b} may not load data from blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/425f2185-ab67-4096-96e0-5d06836e9d2f.
Use of nsIFile in content process is deprecated. 2 NetUtil.jsm:253:8
Could not get the list of font families Error: Connection closed, pending request to server0.conn0.child4/pagestyle24, type getUsedFontFaces failed
Request stack:
request@resource://devtools/shared/protocol/Front.js:289:14
generateRequestMethods/</frontProto[name]@resource://devtools/shared/protocol/Front/FrontClassWithSpec.js:46:19
getUsedFontFamilies/</<@resource://devtools/client/inspector/rules/models/element-style.js:205:46
baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:103
destroy resource://devtools/shared/protocol/Front.js:71
destroy resource://devtools/shared/protocol/Pool.js:210
baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:107
destroy resource://devtools/shared/protocol/Front.js:71
destroy resource://devtools/client/fronts/inspector.js:113
_destroyTarget resource://devtools/client/fronts/targets/target-mixin.js:644
text-property-editor.js:574:19
Failed to open input source 'blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/e6aabcb0-74ec-4c5a-a741-07f299281f73' DevToolsUtils.js:670
Failed to open input source 'blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/425f2185-ab67-4096-96e0-5d06836e9d2f' DevToolsUtils.js:670
Exception while trigerring key [object Object]: TypeError: panel is undefined
onkey@resource://devtools/client/definitions.js:193:5
fireCustomKey@resource://devtools/client/framework/toolbox.js:1679:22
selectToolCommand@resource://devtools/client/framework/devtools-browser.js:251:15
DevToolsStartup.jsm:886:15
Exception while opening the toolbox Error: Connection closed, pending request to server0.conn1.target-configuration6, type updateConfiguration failed
Request stack:
request@resource://devtools/shared/protocol/Front.js:289:14
generateRequestMethods/</frontProto[name]@resource://devtools/shared/protocol/Front/FrontClassWithSpec.js:46:19
updateConfiguration@resource://devtools/shared/commands/target-configuration/target-configuration-command.js:51:48
Error: Connection closed, pending request to server0.conn1.target-configuration6, type updateConfiguration failed
Request stack:
request@resource://devtools/shared/protocol/Front.js:289:14
generateRequestMethods/</frontProto[name]@resource://devtools/shared/protocol/Front/FrontClassWithSpec.js:46:19
updateConfiguration@resource://devtools/shared/commands/target-configuration/target-configuration-command.js:51:48
baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:103
destroy resource://devtools/shared/protocol/Front.js:71
destroy resource://devtools/shared/protocol/Pool.js:210
baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:107
destroy resource://devtools/shared/protocol/Front.js:71
destroy resource://devtools/shared/protocol/Pool.js:210
baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:107
destroy resource://devtools/shared/protocol/Front.js:71
destroy resource://devtools/client/fronts/descriptors/descriptor-mixin.js:67
destroy resource://devtools/client/fronts/descriptors/tab.js:83
_emit resource://devtools/shared/event-emitter.js:226
emit resource://devtools/shared/event-emitter.js:172
emit resource://devtools/shared/event-emitter.js:324
destroy resource://devtools/client/fronts/descriptors/tab.js:78
onceDestroyed resource://devtools/client/framework/toolbox.js:3854
toolbox.js:963:17
Error: Connection closed, pending request to server0.conn1.watcher2, type getParentBrowsingContextID failed
Request stack:
request@resource://devtools/shared/protocol/Front.js:289:14
generateRequestMethods/</frontProto[name]@resource://devtools/shared/protocol/Front/FrontClassWithSpec.js:46:19
getBrowsingContextTarget@resource://devtools/client/fronts/watcher.js:155:48
Front.js:103:23
TypeError: win is null
DevToolsUtils.js:957:3
Error: Invalid autocomplete selectedIndex AutoCompleteChild.jsm:125:13
[fluent-dom] An element named "community-mozillaLink" wasn't found in the source. aboutDialog.xhtml
[fluent-dom] An element named "community-creditsLink" wasn't found in the source. aboutDialog.xhtml
[fluent-dom] An element named "helpus-donateLink" wasn't found in the source. aboutDialog.xhtml
[fluent-dom] An element named "helpus-getInvolvedLink" wasn't found in the source. aboutDialog.xhtml
TypeError: Cc[aContract] is undefined
XPCOMUtils.jsm:161:9
AbortError: Actor 'Conduits' destroyed before query 'RuntimeMessage' was resolved ConduitsParent.jsm:297
Use of nsIFile in content process is deprecated. 7 NetUtil.jsm:253:8
Security Error: Content at moz-nullprincipal:{5eac6ade-39c1-4eec-962e-fd1e3451bb54} may not load data from blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/646818f2-e256-4fce-b911-5c5ff299981d.
Use of nsIFile in content process is deprecated. NetUtil.jsm:253:8
Security Error: Content at moz-nullprincipal:{20f2bd9f-3c63-480e-94e7-b543cd4dd8c6} may not load data from blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/13422bec-42bd-46c2-806f-efd1bbd58fd8.
Failed to open input source 'blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/646818f2-e256-4fce-b911-5c5ff299981d' DevToolsUtils.js:670
Failed to open input source 'blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/13422bec-42bd-46c2-806f-efd1bbd58fd8' DevToolsUtils.js:670
PLEASE NOTE: In the above log all but the last message showed as I loaded the page. The one called “source map…” only showed up 30 seconds or so after I clicked on the “Donate” button.
Only failed XHR
XHRGEThttps://donate.torproject.org/static/gen/assets/donate.js.map
[HTTP/1.1 404 Not Found 1061ms]
GET
https://donate.torproject.org/static/gen/assets/donate.js.map
Status
404
Not Found
VersionHTTP/1.1
Transferred756 B (268 B size)
Referrer Policystrict-origin-when-cross-origin
Connection
Keep-Alive
Content-Length
268
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 18 Nov 2021 20:14:39 GMT
Keep-Alive
timeout=5, max=100
Onion-Location
https://yoaenchicimox2qdc47p36zm3cuclq7s7qxx6kvxqaxjodigfifljqqd.onion/static/gen/assets/donate.js.map
Referrer-Policy
no-referrer
Server
Apache
Strict-Transport-Security
max-age=15768000; preload
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-Xss-Protection
1
Accept
*/*
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US,en;q=0.5
Connection
keep-alive
Cookie
__stripe_mid=[CENSORED]; __stripe_sid=[CENSORED]
Host
donate.torproject.org
Sec-Fetch-Dest
empty
Sec-Fetch-Mode
cors
Sec-Fetch-Site
cross-site
User-Agent
Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0
A screenshot of the problem (same as my previous reply)
What happens: donate button does not work
Same symptoms:
Browser console shows “blocked third party https://m.stripe.network/…” a few times. All before I click donate.
Yet another another one reproduced just now:
OS version: Windows
Browser version: Firefox (didn’t check the version and now it’s already powered off
Plugins enabled: None
Network connection: No VPN
A screenshot of the problem (same as my previous reply)
What happens: donate button does not work
Same symptoms…
OS version: Fedora 33
Browser version: Version 94.0.4606.81 (Official Build) Fedora Project (64-bit)
Plugins enabled: None
Network connection: VPN
A screenshot of the problem (same as my previous reply)
What happens: donate button does not work
Same symptoms…
Conclusion Note
I’ve tested just in the last hours on 4 different systems, three different browsers.
Either I am incredibly unlucky or this must be reproducible elsewhere…
@gus here’s a suggestion, please put the banner near the bottom like you see bellow. The issue is that the donate button does not work. So that’s where people will be on the page when the error shows.
@gus it’s still not working (on Tor Browser and also on Firefox 94 on Fedora 33). So the fix by @kezon gitlab didn’t seem to solve this. Please forward this information if you can.
i believe @kez has just fixed that specific issue.
that said, I can reproduce the problem in my own Firefox, but I have rather stringent privacy controls. specifically, i can reproduce the issue with “Third-party cookies” enabled. The symptom is that the “Donate” button doesn’t work when clicked. At the top of the dev console, we also see:
Request to access cookie or storage on “<URL>” was blocked because we are blocking all third-party storage access requests and content blocking is enabled
This blocks requests to stripe and paypal.
I think what is happening is that we’re relying on a third-party cookie, and this is blocked by many browsers, including newer browsers (I’ve seen a few Firefox 94 here, for example). Preliminary reports indicate that privacy badger will also block those cookies.
So; a workaround is to enable third-party cookies and/or disable privacy badger, as relevant. See also the upstream docs.
We’re working on a fix to correct the cross-origin errors on our side.
Thanks again everyone for the detailed reports, extremely useful.
Just to add an update to anarcat’s post above, we’ve added a new item to the Donor FAQ (which is also linked to via a banner under the donate form itself) detailing the workarounds that have been identified so far, alongside some alternative ways to donate.
Should those workarounds not work for you, it’s likely there’s another issue at play here as well – in which case please continue to add your reports to this thread.
I have donated to Wikipedia, Thunderbird, and others without a problem with Tor Browser. And it’s just unfortunate as I bet many are donating via Tor Browser.