Donating via credit card issue

We’re tracking down a bug on our donation website. Some donors reported having issues while donating via credit card.
If you’re facing this issue, please help us to debug and include as many of these as possible:

Example

  • OS version: Linux Debian 10
  • Browser version: Firefox 78.15.0esr (64-bit)
  • Plugins enabled: Ad-Block
  • Network connection: VPN enabled
  • A screenshot of the problem
2 Likes

Just reproduced it again. Here are the details:

  • OS version: Whonix Workstation 16
  • Browser version: Tor Browser (Anondist) - 11.0.1 (based on Mozilla Firefox 91.3.0esr) (64-bit)
  • Plugins enabled: None (vanilla Tor browser)
  • Network connection: Whonix Gateway

what happens: “Click Donate and nothing happens”:

browser's console shows (ctrl+shift+k)
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:64494
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:64494
Content Security Policy: The page’s settings blocked the loading of a resource at data: (“media-src”). 2
Content Security Policy: The page’s settings observed the loading of a resource at data: (“default-src”). A CSP report is being sent.
Content Security Policy: The page’s settings blocked the loading of a resource at data: (“media-src”). 4
Blocked third party https://m.stripe.network/inner.html#url=https%3A%2F%2Fdonate.torproject.org%2F&title=Tor%20Project%20%7C%20Donate&referrer=&muid=[CENSORED]&version=6&preview=false from extracting canvas data. out-4.5.41.js:1:26592
Dev tools show (crtl+shift+j)
TorConnect: Init TorConnect.jsm:238:21
Content Security Policy: Couldn’t parse invalid host 'wasm-eval' 2
TorConnect: observed profile-after-change TorConnect.jsm:245:21
TorConnect: legacyOrSystemTor() TorConnect.jsm:372:21
TorConnect: transitioning state from Initial to Disabled TorConnect.jsm:224:21
[11-18 19:53:58] Torbutton NOTE: Initializing security-prefs.js
[11-18 19:53:58] Torbutton NOTE: security-prefs.js initialization complete
Unexpected event profile-after-change URLQueryStrippingListService.jsm:224
Content Security Policy: Couldn’t parse invalid host 'wasm-eval' 2
Bootstrapped manifest not allowed to use 'resource' directive. chrome.manifest:2
[Exception... "Component returned failure code: 0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH) [nsIXPCComponents_Utils.readUTF8URI]"  nsresult: "0x80520001 (NS_ERROR_FILE_UNRECOGNIZED_PATH)"  location: "JS frame :: resource://gre/modules/L10nRegistry.jsm :: L10nRegistry.loadSync :: line 707"  data: no] 18 L10nRegistry.jsm:707:19
[11-18 19:54:00] Torbutton WARN: Error: setevents stream -> 510 Command filtered
[11-18 19:54:00] Torbutton WARN: Disabling tor display circuit because of an error.
[Exception... "Component returned failure code: 0x80004001 (NS_ERROR_NOT_IMPLEMENTED) [nsIAppStartup.secondsSinceLastOSRestart]"  nsresult: "0x80004001 (NS_ERROR_NOT_IMPLEMENTED)"  location: "JS frame :: resource:///modules/BrowserGlue.jsm :: _collectStartupConditionsTelemetry :: line 1680"  data: no] BrowserGlue.jsm:1680:9
1637265242166	addons.webextension.<unknown>	ERROR	Loading extension 'null': Reading manifest: Error processing chrome_settings_overrides.search_provider.search_form: String "http://blkchairbknpn73cfjhevhla7rkp4ed5gg2knctvv7it4lioy22defid.onion/search/?q={searchTerms}" must match /^(https:\/\/|http:\/\/(localhost|127\.0\.0\.1|\[::1\])(:\d*)?(\/|$)).*$/ Log.jsm:723
Could not load engine blockchair-onion@search.mozilla.org: Error: Extension is invalid SearchService.jsm:609:17
uncaught exception: Object
Sending message that cannot be cloned. Are you trying to send an XPCOM object? ConduitsChild.jsm:61:19
Unchecked lastError value: Error: Could not establish connection. Receiving end does not exist. store.js:135
holder.deserialize is not a function ExtensionChild.jsm:187
Sending message that cannot be cloned. Are you trying to send an XPCOM object? ConduitsChild.jsm:61:19
holder.deserialize is not a function ExtensionChild.jsm:187
Sending message that cannot be cloned. Are you trying to send an XPCOM object? ConduitsChild.jsm:61:19
holder.deserialize is not a function ExtensionChild.jsm:187
Key event not available on GTK2: key=“u” modifiers=“accel shift” id=“torbutton-new-identity-key” browser.xhtml
Key event not available on some keyboard layouts: key=“r” modifiers=“accel,alt” id=“key_toggleReaderMode” browser.xhtml
Key event not available on some keyboard layouts: key=“i” modifiers=“accel,alt,shift” id=“key_browserToolbox” browser.xhtml
Use of nsIFile in content process is deprecated. 15 NetUtil.jsm:253:8
Security Error: Content at moz-nullprincipal:{622ef1d5-255b-49f6-87be-7dec98d71ad3} may not load data from blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/e6aabcb0-74ec-4c5a-a741-07f299281f73.
Use of nsIFile in content process is deprecated. NetUtil.jsm:253:8
Security Error: Content at moz-nullprincipal:{797197ad-8f27-46b2-aec7-64f22df1cc9b} may not load data from blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/425f2185-ab67-4096-96e0-5d06836e9d2f.
Use of nsIFile in content process is deprecated. 2 NetUtil.jsm:253:8
Could not get the list of font families Error: Connection closed, pending request to server0.conn0.child4/pagestyle24, type getUsedFontFaces failed

Request stack:
request@resource://devtools/shared/protocol/Front.js:289:14
generateRequestMethods/</frontProto[name]@resource://devtools/shared/protocol/Front/FrontClassWithSpec.js:46:19
getUsedFontFamilies/</<@resource://devtools/client/inspector/rules/models/element-style.js:205:46
    baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:103
    destroy resource://devtools/shared/protocol/Front.js:71
    destroy resource://devtools/shared/protocol/Pool.js:210
    baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:107
    destroy resource://devtools/shared/protocol/Front.js:71
    destroy resource://devtools/client/fronts/inspector.js:113
    _destroyTarget resource://devtools/client/fronts/targets/target-mixin.js:644
text-property-editor.js:574:19
Failed to open input source 'blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/e6aabcb0-74ec-4c5a-a741-07f299281f73' DevToolsUtils.js:670
Failed to open input source 'blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/425f2185-ab67-4096-96e0-5d06836e9d2f' DevToolsUtils.js:670
Exception while trigerring key [object Object]: TypeError: panel is undefined
onkey@resource://devtools/client/definitions.js:193:5
fireCustomKey@resource://devtools/client/framework/toolbox.js:1679:22
selectToolCommand@resource://devtools/client/framework/devtools-browser.js:251:15
DevToolsStartup.jsm:886:15
Exception while opening the toolbox Error: Connection closed, pending request to server0.conn1.target-configuration6, type updateConfiguration failed

Request stack:
request@resource://devtools/shared/protocol/Front.js:289:14
generateRequestMethods/</frontProto[name]@resource://devtools/shared/protocol/Front/FrontClassWithSpec.js:46:19
updateConfiguration@resource://devtools/shared/commands/target-configuration/target-configuration-command.js:51:48
 Error: Connection closed, pending request to server0.conn1.target-configuration6, type updateConfiguration failed

Request stack:
request@resource://devtools/shared/protocol/Front.js:289:14
generateRequestMethods/</frontProto[name]@resource://devtools/shared/protocol/Front/FrontClassWithSpec.js:46:19
updateConfiguration@resource://devtools/shared/commands/target-configuration/target-configuration-command.js:51:48
    baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:103
    destroy resource://devtools/shared/protocol/Front.js:71
    destroy resource://devtools/shared/protocol/Pool.js:210
    baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:107
    destroy resource://devtools/shared/protocol/Front.js:71
    destroy resource://devtools/shared/protocol/Pool.js:210
    baseFrontClassDestroy resource://devtools/shared/protocol/Front.js:107
    destroy resource://devtools/shared/protocol/Front.js:71
    destroy resource://devtools/client/fronts/descriptors/descriptor-mixin.js:67
    destroy resource://devtools/client/fronts/descriptors/tab.js:83
    _emit resource://devtools/shared/event-emitter.js:226
    emit resource://devtools/shared/event-emitter.js:172
    emit resource://devtools/shared/event-emitter.js:324
    destroy resource://devtools/client/fronts/descriptors/tab.js:78
    onceDestroyed resource://devtools/client/framework/toolbox.js:3854
toolbox.js:963:17
Error: Connection closed, pending request to server0.conn1.watcher2, type getParentBrowsingContextID failed

Request stack:
request@resource://devtools/shared/protocol/Front.js:289:14
generateRequestMethods/</frontProto[name]@resource://devtools/shared/protocol/Front/FrontClassWithSpec.js:46:19
getBrowsingContextTarget@resource://devtools/client/fronts/watcher.js:155:48
Front.js:103:23
TypeError: win is null
DevToolsUtils.js:957:3
Error: Invalid autocomplete selectedIndex AutoCompleteChild.jsm:125:13
[fluent-dom] An element named "community-mozillaLink" wasn't found in the source. aboutDialog.xhtml
[fluent-dom] An element named "community-creditsLink" wasn't found in the source. aboutDialog.xhtml
[fluent-dom] An element named "helpus-donateLink" wasn't found in the source. aboutDialog.xhtml
[fluent-dom] An element named "helpus-getInvolvedLink" wasn't found in the source. aboutDialog.xhtml
TypeError: Cc[aContract] is undefined
XPCOMUtils.jsm:161:9
AbortError: Actor 'Conduits' destroyed before query 'RuntimeMessage' was resolved ConduitsParent.jsm:297
Use of nsIFile in content process is deprecated. 7 NetUtil.jsm:253:8
Security Error: Content at moz-nullprincipal:{5eac6ade-39c1-4eec-962e-fd1e3451bb54} may not load data from blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/646818f2-e256-4fce-b911-5c5ff299981d.
Use of nsIFile in content process is deprecated. NetUtil.jsm:253:8
Security Error: Content at moz-nullprincipal:{20f2bd9f-3c63-480e-94e7-b543cd4dd8c6} may not load data from blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/13422bec-42bd-46c2-806f-efd1bbd58fd8.
Failed to open input source 'blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/646818f2-e256-4fce-b911-5c5ff299981d' DevToolsUtils.js:670
Failed to open input source 'blob:moz-extension://e078fc56-788d-4a73-be9e-ab4560656510/13422bec-42bd-46c2-806f-efd1bbd58fd8' DevToolsUtils.js:670

Another one reproduced just now:

  • OS version: Linux Fedora 33
  • Browser version: 94.0 (64-bit)
  • Plugins enabled: None (vanilla fedora firefox)
  • Network connection: VPN enabled
  • A screenshot of the problem (same as my previous reply)
  • What happens: donate button does not work
Browser Console (ctrl+shif+k)
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:64494
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65231
Feature Policy: Skipping unsupported feature name “payment”. v3:1:65369
Feature Policy: Skipping unsupported feature name “payment”. v3:1:172438
Feature Policy: Skipping unsupported feature name “payment”. v3:1:64494
Source map error: Error: request failed with status 404
Resource URL: https://donate.torproject.org/static/gen/donate.js?h=84faa3f2
Source Map URL: assets/donate.js.map

PLEASE NOTE: In the above log all but the last message showed as I loaded the page. The one called “source map…” only showed up 30 seconds or so after I clicked on the “Donate” button.

Only failed XHR
XHRGEThttps://donate.torproject.org/static/gen/assets/donate.js.map
[HTTP/1.1 404 Not Found 1061ms]

	
GET
	https://donate.torproject.org/static/gen/assets/donate.js.map
Status
404
Not Found
VersionHTTP/1.1
Transferred756 B (268 B size)
Referrer Policystrict-origin-when-cross-origin

    	
    Connection
    	Keep-Alive
    Content-Length
    	268
    Content-Type
    	text/html; charset=iso-8859-1
    Date
    	Thu, 18 Nov 2021 20:14:39 GMT
    Keep-Alive
    	timeout=5, max=100
    Onion-Location
    	https://yoaenchicimox2qdc47p36zm3cuclq7s7qxx6kvxqaxjodigfifljqqd.onion/static/gen/assets/donate.js.map
    Referrer-Policy
    	no-referrer
    Server
    	Apache
    Strict-Transport-Security
    	max-age=15768000; preload
    X-Content-Type-Options
    	nosniff
    X-Frame-Options
    	sameorigin
    X-Xss-Protection
    	1
    	
    Accept
    	*/*
    Accept-Encoding
    	gzip, deflate, br
    Accept-Language
    	en-US,en;q=0.5
    Connection
    	keep-alive
    Cookie
    	__stripe_mid=[CENSORED]; __stripe_sid=[CENSORED]
    Host
    	donate.torproject.org
    Sec-Fetch-Dest
    	empty
    Sec-Fetch-Mode
    	cors
    Sec-Fetch-Site
    	cross-site
    User-Agent
    	Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0

Yet another one reproduced just now:

  • OS version: Windows
  • Browser version: Tor Browser 11.0.1
  • Plugins enabled: None (vanilla Tor Browser)
  • Network connection: No VPN
  • A screenshot of the problem (same as my previous reply)
  • What happens: donate button does not work

Same symptoms:


Yet another another one reproduced just now:

  • OS version: Windows
  • Browser version: Firefox (didn’t check the version and now it’s already powered off
  • Plugins enabled: None
  • Network connection: No VPN
  • A screenshot of the problem (same as my previous reply)
  • What happens: donate button does not work

Same symptoms…


  • OS version: Fedora 33
  • Browser version: Version 94.0.4606.81 (Official Build) Fedora Project (64-bit)
  • Plugins enabled: None
  • Network connection: VPN
  • A screenshot of the problem (same as my previous reply)
  • What happens: donate button does not work

Same symptoms…

Conclusion Note

I’ve tested just in the last hours on 4 different systems, three different browsers.

Either I am incredibly unlucky or this must be reproducible elsewhere…


@gus here’s a suggestion, please put the banner near the bottom like you see bellow. The issue is that the donate button does not work. So that’s where people will be on the page when the error shows.

I was following the discussion about the banner and still I missed it when I went to the website because. Anyways, just a tip :wink:

2 Likes

@gus it’s still not working (on Tor Browser and also on Firefox 94 on Fedora 33). So the fix by @kez on gitlab didn’t seem to solve this. Please forward this information if you can.

Same problem here. OpenSuSE Leap 15.2, FireFox 91.2.0esr

i believe @kez has just fixed that specific issue.

that said, I can reproduce the problem in my own Firefox, but I have rather stringent privacy controls. specifically, i can reproduce the issue with “Third-party cookies” enabled. The symptom is that the “Donate” button doesn’t work when clicked. At the top of the dev console, we also see:

Request to access cookie or storage on “<URL>” was blocked because we are blocking all third-party storage access requests and content blocking is enabled

This blocks requests to stripe and paypal.

I think what is happening is that we’re relying on a third-party cookie, and this is blocked by many browsers, including newer browsers (I’ve seen a few Firefox 94 here, for example). Preliminary reports indicate that privacy badger will also block those cookies.

So; a workaround is to enable third-party cookies and/or disable privacy badger, as relevant. See also the upstream docs.

We’re working on a fix to correct the cross-origin errors on our side.

Thanks again everyone for the detailed reports, extremely useful.

1 Like

Just to add an update to anarcat’s post above, we’ve added a new item to the Donor FAQ (which is also linked to via a banner under the donate form itself) detailing the workarounds that have been identified so far, alongside some alternative ways to donate.

Should those workarounds not work for you, it’s likely there’s another issue at play here as well – in which case please continue to add your reports to this thread.

Thanks everyone!

A post was merged into an existing topic: New Release: Tor Browser 11.0.1