Facebook button on Manjaro forum's subjects?

Hi !
I’m puzzled to see an alert of Facebook container on my Firefox when I’m on a topic:

How comes ?

Are you sure that’s not a plug-in you’ve got installed?

  • I don’t have a Facebook/WhatsApp account
  • No Facebook cookies nor scripts are allowed anywhere on my browser.

And I can’t see anything like that…

Furthermore, from a forum.manjaro.org perspective, only manjaro.org and gstatic.com are loaded inside a forum page as my NoScript extension shows…

:thinking:

1 Like

Well it is a plugin :

What I don’t get is why it tells there is a button (only on post pages)

Would that be a false positive ?
I see it here:

But not on other Discourse forums:

That has nothing to do with the Manjaro forum. There are no ads or trackers in use. Open a Firefox Private Window with no extensions enabled and my guess is you won’t be able to reproduce it.

4 Likes

Could also be me and I’d be happy to know why and solve.

Before testing otherwise, here is what I get:

[Edit] Just tested on a completely different FF instance (but with FB container) : exact same issue.
Might it be an issue with the plugin ? (That doesn’t appear on other discourse forums ?)

OK … lets say it a different way …
That doesnt actually exist on the manjaro pages.
(I even changed to this glaring white theme to double check)

…so you may want to look at your browser … maybe start it in ‘safe mode’ and check again.
Then remove whatever extension is behaving badly.
(as that is my current theory)

1 Like

Could it be related to line 555 of this page’s source code ?

[Edit] Just checked on my Debian Buster : same issue with FF-ESR + Facebook container

What do you see on line 555 ?
Because here it is blank.

1 Like

Waow ! Now it’s line 641

How to post the text ? it’s huge !

Its ‘minimized’ of a bunch of things … but why do you find it suspicious or the source of your ‘fbc’ apparition?

Theres nothing in there related.
(there are ‘buttons’ for sharing quotes or copying … normal discourse stuff)

You could even block or live-edit that section if you need and dont want to read it.

I still think this is a problem with your configuration, software, browser, network, etc …
and I will probably keep thinking that until someone can point to an actual line or example of the code doing ‘~facebook stuff~’

As already stated:

So:

  1. Download your Facebook Data
  2. Delete your:
    • Facebook account
    • WhatsApp account
  3. Uninstall all Facebook / WhatsApp plug-ins, applications / snaps, flatpacks from all your devices
  4. Disallow all cookies in Firefox
  5. Delete all cookies in Firefox
  6. Install the NoScript plug-in and disallow all scripts everywhere.
  7. Install the AdBlock+ plug-in and disallow even unobtrusive ads in its settings uBlock Origin plugin
  8. Allow:
    • Session cookies only for sites you actually need. (Like this one)
    • Permanent cookies for any equipment on your LAN (Like your router / phone / …)
    • Scripts to be run permanently for sites you use daily. Any other sites (weekly / monthly) only allow scripts temporaryly.

There! Now you’re running the way I’m running and your browser speed will increase by 50-100% and you won’t get any ads anywhere including YouTube, Google, …

If something doesn’t work, it’s not worth having (E.G. pinterest)
:crazy_face: :man_shrugging:

2 Likes

Well, it could be my network or my plugin as I have this on two computers with different OS and different FF versions.

How can I post the tremendously large line I found on the page code (can Firefox give a wrong page code ?)

@Fabby : you’re very kind, but…

  • On my Manjaro’s Firefox, I clean history, cache, cookies several times a day and… didn’t open any Facebook session for days.
  • On my Debian, I never opened FB or Whatsapp…
  • The line I would like to post was seen on Manjaro’s forum code on a separate Firefox instance WITHOUT any plugin.
  • Don’t ever suggest Adblock+ that is a bloatware, but uBlock origin.
  • I happen to make Firefox speed & security tutorials for several years and sometimes contribute to PrivacyTools.

Now, how can I post this file ?

ublock origin is heaps better

(reasons: abp is corporate, has ‘acceptable ads’, isnt as competent about blocking, and costs multiple times the overhead)

2 Likes

It’s just habit: ABP was first, so I still use that, but UBO seems to use a totally different algorithm so I’m going to disable ABP and give UBO a try.

but in the meantime:

2020-12-23_23-32

(Also edited the original in case someone else stumbles across that)

cc @cscs

Probably a bunch of ways … but I will point here:

(a number of the services also do file sharing, ex: curl -F'file=@yourfile.png' https://0x0.st)

Ha yes … back in the days when FF was the only browser with extensions.
… I also used it way back then.

1 Like

Here you are: http://paste.c-net.org/SurfaceHitter

Mk … so I see

share_links\":\"twitter|facebook|email\"

and

enable_signup_cta\":true,\"facebook_app_id\"

Which seems to be just for the sign up ability …

The first one seems like it might be a ‘share to’ type of thing … but it doesnt seem available on any part of the page… so I am not sure it is blocked or if it is only active if you are currently signed in?

Well, when I saw that uBlock Origin uses much less RAM and CPU than AdBlock+, I was sold. It’s just that there were two µBlocks at the time so I stayed with what I had but:

@cscs Gracias!
@nam1962 Merci! Et va télécharger tes données FB maintenant et efface ce bordel de b***. :stuck_out_tongue_winking_eye:

1 Like
  1. I don’t use that plugin, i use Firefox Multi-Account Containers – Get this Extension for 🦊 Firefox (en-US) only…
  2. I just checked the CSP of the forum in firefox, and it looks like it does not allow any external domain to load scripts.
  3. I use uMatrix and i don’t see anything related to facebook.

The above combined means: It is a bug with that FB-Container Addon.
I suggest you file a bug report at:

Hi, I just tested with Facebook container off.
Then I checked the bottom code of post pages of 3 discourse forums:

At the bottom of each of them I found a section:

<div id='offscreen-content'>

and somewhere below, a line begining with:

 <div class="hidden" id="data-preloaded" data-preloaded="{&quot;site&quot................

Like the one I gave the pastebin above.
I checked that on my Manjaro and I double checked on another computer whith Debian + FF-ESR (on which I NEVER opened any instance of Facebook nor WhatsApp or any other FB subisidiary - Eh oui @Fabby: JAMAIS et je l’avais déjà dit plus haut ! :stuck_out_tongue:

So, do you think I have a kind of spectrum dev here, whom would add code @ the bottom of my visited Discourse pages ?

Btw : the behaviour of Facebook container is absolutely logical : what it does is forbidding any FB related code to be operational.
This is useful, as, as you all know, there is FB tracking code everywhere (that can track even user with no FB account.)

My guess is that Discourse embeds social media buttons that could be activated (while, for instance, if you want a FB or Twitter button on WordPress you have to code it or to add a plugin).

Can you check if I’m alone with this line at the bottom of post pages ?

1 Like