hensm/fx_cast

While the extension is active, I can't connect to a Twitch account

Adzetko opened this issue · 6 comments

OS version: Windows 11 22H2
Browser version: Firefox 107.0 (64 bits)
Extension version: 0.3.1
Bridge version: 0.3.0

Description
I logout to my Twitch account while the extension was active on Firefox (and https://www.twitch.tv/* was whitelisted). When I tried to login back, the POST request to https://passport.twitch.tv/integrity sends back an error 400 (as seen in the networking tab of the firefox dev tools), the Twitch's JSON response stated "error_code":5025 and "error_description":"integrity failed".

Disabling the whitelisting for Twitch in the extension's options didn't work, I had to fully disable the extension to be able

Steps to reproduce

  1. whitelist "https://twitch.tv/*" on fx_cast (seems to not be necessary, but that's what I did)
  2. logout of your twitch account (maybe not necessary if you're already disconnected)
  3. try to login back while the extension is active
  4. you'll see an error on the site's UI

Expected behaviour
The extension should not prevent users to login to their twitch accounts

Logs
I'm not really sure I could provide logs of the request without leaking my twitch password, sorry!

hensm commented

Seems like Twitch doesn't like the user agent spoofing. You could try some different user agent string variations. Might also be an issue with the way user agent headers are handled for requests with a whitelisted origin since it seemed a little broken in the testing I did.

Sorry I only see your answer now, I don't have any user agent string setup so I don't really think the problem comes from that? I mean, I suppose it keeps the default Firefox string if I don't input any string?

I had the same issue, also wouldnt let me do a Prime Subscription to a streamer.

There seems to be some issue with fx_cast causing integrity check issues, it completely breaks twitch for me when I have fx_cast enabled, for example the following errors happen when I attempt to create a clip while watching a stream. Instead of creating a clip, a blank tab appears and it spurts out these errors.

OS version: Windows 11 21H2
Browser version: Firefox 109.0 (64-bit)
Extension version: 0.3.1
Bridge version: 0.3.0

[GraphQL] One or more GraphQL errors were detected on request 01GS1K0V8SJS0R9BPVCJT4AXKN. createClip: failed integrity check Array [ {…} ] ​ 0: Object { request: {…}, response: {…} } ​ length: 1 ​ <prototype>: Array [] core-abdcb2c690b098f34cf8.js:1:1650053

=================================================================

Uncaught (in promise) Error: failed integrity check t https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 W https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 n https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 then https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 then https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 w https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 _ https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 k https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 k https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 w https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 _ https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 w https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 _ https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 w https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 _ https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 a https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 oe https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 s https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 s https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 a https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 promise callback*u https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 a https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 promise callback*u https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 replayOperation https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 next https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 s https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 s https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 a https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 promise callback*u https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 next https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 w https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 _ https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 w https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 _ https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 w https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 _ https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 next https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 v https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 vendor-2a9aaf47f4b4e39e7bcc.js:1:335409 s https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 (Async: promise callback) u https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 Ql https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 ic https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 s https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 s https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 l https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 onClick https://static.twitchcdn.net/assets/core-abdcb2c690b098f34cf8.js:1 s https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 p https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 m https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 m https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 at https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 ot https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 st https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 pt https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 F https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 q https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 Xt https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 $t https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 bind_applyFunctionN self-hosted:1683 $t self-hosted:1640 unstable_runWithPriority https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 Ko https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 j https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 Gt https://static.twitchcdn.net/assets/vendor-2a9aaf47f4b4e39e7bcc.js:1 bind_applyFunctionN self-hosted:1683 Gt self-hosted:1640

hensm commented

I guess I misread the original post. I can't reproduce the behaviour unless Twitch is whitelisted (rather than simply having the extension enabled), so it would be good to get some confirmation on that specifically. I still think it's likely to be related to other resources on the page being loaded with a different user agent string. I'll see if I can track this down tomorrow.

hensm commented

Using a Chrome user agent string globally also causes these issues, so it's probably Twitch doing some sort of hacky browser detection for bot prevention or something which I'm not going to try to figure out. If anyone has a solution, I'll accept a PR. Otherwise, Twitch is unsupported.

As far as Twitch breaking just from having the extension enabled, I need either steps to reliably reproduce this on a fresh Firefox profile or some useful info that would help me track this down.