From: dhdurgee@privacy.net   
      
   David H Durgee wrote:   
   > David H Durgee wrote:   
   >> Mark Bourne wrote:   
   >>> David H Durgee wrote:   
   >>>> David H Durgee wrote:   
   >>>>> Richmond wrote:   
   >>>>>> David H Durgee  writes:   
   >>>>>>   
   >>>>>>> Starting yesterday I am getting a problematic popup from   
   >>>>>>> imap.mail.yahoo.com every time it tries to check for mail.   
   >>>>>>>   
   >>>>>>> The popup requests that I login, but when I click the button after I   
   >>>>>>> enter the email and password I get a spinner and nothing else   
   >>>>>>> happens.   
   >>>>>>>   
   >>>>>>> I am assuming that something about the popup is causing problems for   
   >>>>>>> SeaMonkey 2.53.21 here.   
   >>>>>>>   
   >>>>>>> The URL for the window shows as:   
   >>>>>>>   
   >>>>>>> https://login.yahoo.com/?src=thunderbird&clientid=   
   >>>>>>>   
   >>>>>>> The window can be moved but remains on top.  No right click menu.   
   >>>>>>>   
   >>>>>>> Cannot highlight and copy the URL.   
   >>>>>>>   
   >>>>>>> The window title is "Enter credentials for"  on imap...   
   >>>>>>>   
   >>>>>>> Obviously I cannot access yahoo mail at the moment and given it is   
   >>>>>>> non-functional all I can do is close the window.   
   >>>>>>>   
   >>>>>>> How do I get this corrected?   
   >>>>>>>   
   >>>>>>> Dave   
   >>>>>>   
   >>>>>> It sounds like it is trying to set up Oauth2. Maybe you have to   
   >>>>>> enable   
   >>>>>> javascript? Or maybe it is requesting 2FA?   
   >>>>>>   
   >>>>>   
   >>>>> I thought I had Oauth2 already setup on all my mail connections,   
   >>>>> but perhaps I missed it.  Looking in my passwords do not show one   
   >>>>> for that email address, so that may be the problem.   
   >>>>>   
   >>>>> I will look into how I need to get that working.   
   >>>>>   
   >>>>> Dave   
   >>>>   
   >>>> The error console shows [ABE} errors relating to this.  How do I fix   
   >>>> that?   
   >>>>   
   >>>> Dave   
   >>>   
   >>> I don't know if it might have other meanings, but to me "ABE" is   
   >>> NoScript's "Application Boundaries Enforcer" that restricts which   
   >>> domains can load Javascript and other resources from which other   
   >>> domains.  It could be that the Yahoo login page is trying to load   
   >>> Javascript from another Yahoo domain, and maybe you've configured ABE   
   >>> rules that prevent that.  As far as I recall ABE isn't enabled by   
   >>> default in NoScript, and has very few restrictions by default even if   
   >>> enabled.  So if that is the problem, hopefully you'd know you've   
   >>> enabled ABE at some point and that's enough of a clue to work out how   
   >>> to adjust whatever rules you've set up.   
   >>>   
   >>> Or it could be "ABE" has a completely different meaning in this   
   >>> context...!   
   >>>   
   >>   
   >> I disabled ABE in No Script and those messages went away.  I still see   
   >> one No Script related error listed:   
   >>   
   >>> [NoScript] Force text/plain for missing content-type on   
   >>> https://api.login.yahoo.com/oauth2/request_auth?response_typ   
   =code&client_id=dj0yJmk9NUtCTWFMNVpTaVJmJmQ9WVdrOVJ6UjVTa2xJTXpR   
   WNHbzlNQS0tJnM9Y29uc3VtZXJzZWNyZXQmeD0yYw--&redirect_uri=http%3A   
   2F%2Flocalhost&scope=mail-w&login_hint=dhdurgee%40yahoo.com   
   >>>   
   >>   
   >> I don't know if that is directly related to the problem or not, it   
   >> sounds pretty innocuous and appears to confirm this relates to oauth2   
   >> based on the URL.   
   >>   
   >> Unfortunately I am still getting nowhere with this.   
   >>   
   >> Dave   
   >   
   > I thought to try something with the above URL, I opened it in a Firefox   
   > tab enabling all scripting it requested and it was able to complete to a   
   > point where it tried to do something with localhost that failed.  It   
   > even sent me an email to my backup account about a Thunderbird login.   
   >   
   > This morning I tried the same thing in a Seamonkey tab and wind up with   
   > a spinner after entering the password.  Looking in the error console I see:   
   >   
   >> Timestamp: 10/9/25, 11:51:19 AM MDT   
   >> Error: SyntaxError: missing : after property id   
   >> Source File: https://s.yimg.com/aaq/benji/benji-2.3.23.js   
   >> Line: 1, Column: 25600   
   >> Source Code:   
   >> s[n]=e.benji.debug.logs[n]||[]).push(r)}}class   
   >> fs{_googletag;features;refreshQueue;debounceTimer;constructor(){return th   
   >   
   >> Timestamp: 10/9/25, 11:51:19 AM MDT   
   >> Error: about:blank : Unable to run script because scripts are blocked   
   >> internally.   
   >   
   >> Timestamp: 10/9/25, 11:51:21 AM MDT   
   >> Error: about:blank : Unable to run script because scripts are blocked   
   >> internally.   
   >   
   > So it appears that Yahoo is indeed doing something SeaMinkey isn't   
   > supporting.   
   >   
   > Dave   
      
      
   I have Thunderbird on my system as well, but I don't use it as I prefer   
   SeaMonkey.  If I were to set up Thunderbird to access Yahoo mail via   
   IMAP and SMTP with oauth2, assuming it will work, would there be a way   
   to pull the oauth2 entry from it and add it to the SeaMonkey password   
   file to get it working here?   
      
   Dave   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)