From: dnomhcir@gmx.com
Richmond writes:
> David H Durgee writes:
>
>> David H Durgee wrote:
>>> David H Durgee wrote:
>>>> Mark Bourne wrote:
>>>>> David H Durgee wrote:
>>>>>> David H Durgee wrote:
>>>>>>> Richmond wrote:
>>>>>>>> David H Durgee writes:
>>>>>>>>
>>>>>>>>> Starting yesterday I am getting a problematic popup from
>>>>>>>>> imap.mail.yahoo.com every time it tries to check for mail.
>>>>>>>>>
>>>>>>>>> The popup requests that I login, but when I click the button
>>>>>>>>> after I enter the email and password I get a spinner and
>>>>>>>>> nothing else happens.
>>>>>>>>>
>>>>>>>>> I am assuming that something about the popup is causing
>>>>>>>>> problems for SeaMonkey 2.53.21 here.
>>>>>>>>>
>>>>>>>>> The URL for the window shows as:
>>>>>>>>>
>>>>>>>>> https://login.yahoo.com/?src=thunderbird&clientid=
>>>>>>>>>
>>>>>>>>> The window can be moved but remains on top. No right click
>>>>>>>>> menu.
>>>>>>>>>
>>>>>>>>> Cannot highlight and copy the URL.
>>>>>>>>>
>>>>>>>>> The window title is "Enter credentials for" on
>>>>>>>>> imap...
>>>>>>>>>
>>>>>>>>> Obviously I cannot access yahoo mail at the moment and given
>>>>>>>>> it is non-functional all I can do is close the window.
>>>>>>>>>
>>>>>>>>> How do I get this corrected?
>>>>>>>>>
>>>>>>>>> Dave
>>>>>>>>
>>>>>>>> It sounds like it is trying to set up Oauth2. Maybe you have to
>>>>>>>> enable javascript? Or maybe it is requesting 2FA?
>>>>>>>>
>>>>>>>
>>>>>>> I thought I had Oauth2 already setup on all my mail connections,
>>>>>>> but perhaps I missed it. Looking in my passwords do not show
>>>>>>> one for that email address, so that may be the problem.
>>>>>>>
>>>>>>> I will look into how I need to get that working.
>>>>>>>
>>>>>>> Dave
>>>>>>
>>>>>> The error console shows [ABE} errors relating to this. How do I
>>>>>> fix that?
>>>>>>
>>>>>> Dave
>>>>>
>>>>> I don't know if it might have other meanings, but to me "ABE" is
>>>>> NoScript's "Application Boundaries Enforcer" that restricts which
>>>>> domains can load Javascript and other resources from which other
>>>>> domains. It could be that the Yahoo login page is trying to load
>>>>> Javascript from another Yahoo domain, and maybe you've configured
>>>>> ABE rules that prevent that. As far as I recall ABE isn't enabled
>>>>> by default in NoScript, and has very few restrictions by default
>>>>> even if enabled. So if that is the problem, hopefully you'd know
>>>>> you've enabled ABE at some point and that's enough of a clue to
>>>>> work out how to adjust whatever rules you've set up.
>>>>>
>>>>> Or it could be "ABE" has a completely different meaning in this
>>>>> context...!
>>>>>
>>>>
>>>> I disabled ABE in No Script and those messages went away. I still
>>>> see one No Script related error listed:
>>>>
>>>>> [NoScript] Force text/plain for missing content-type on
>>>>> https://api.login.yahoo.com...
>>>>
>>>> I don't know if that is directly related to the problem or not, it
>>>> sounds pretty innocuous and appears to confirm this relates to
>>>> oauth2 based on the URL.
>>>>
>>>> Unfortunately I am still getting nowhere with this.
>>>>
>>>> Dave I thought to try something with the above URL, I opened it in
>>> a Firefox tab enabling all scripting it requested and it was able to
>>> complete to a point where it tried to do something with localhost
>>> that failed. It even sent me an email to my backup account about a
>>> Thunderbird login. This morning I tried the same thing in a
>>> Seamonkey tab and wind up with a spinner after entering the
>>> password. Looking in the error console I see:
>>>
>>>> Timestamp: 10/9/25, 11:51:19 AM MDT Error: SyntaxError: missing :
>>>> after property id Source File:
>>>> https://s.yimg.com/aaq/benji/benji-2.3.23.js Line: 1, Column: 25600
>>>> Source Code: s[n]=e.benji.debug.logs[n]||[]).push(r)}}class
>>>> fs{_googletag;features;refreshQueue;debounceTimer;constructor(){return
>>>> th
>>>
>>>> Timestamp: 10/9/25, 11:51:19 AM MDT Error: about:blank : Unable to
>>>> run script because scripts are blocked internally.
>>>
>>>> Timestamp: 10/9/25, 11:51:21 AM MDT Error: about:blank : Unable to
>>>> run script because scripts are blocked internally. >> So it
>>>> appears that Yahoo is indeed doing something SeaMinkey isn't >>
>>>> supporting. >> Dave
>>
>>
>> I have Thunderbird on my system as well, but I don't use it as I
>> prefer SeaMonkey. If I were to set up Thunderbird to access Yahoo
>> mail via IMAP and SMTP with oauth2, assuming it will work, would
>> there be a way to pull the oauth2 entry from it and add it to the
>> SeaMonkey password file to get it working here?
>>
>
> When I tried with Thunderbird, the next thing which came up after the
> password prompt (which was where it got stuck with seamonkey) was a
> dialog requesting that I choose where to send a
> one-time-password. I.e. the 2fa dialog. It was possible to select from
> the url but it had 'thunderbird' embedded in it, so I didn't bother to
> try. Another thing I noticed when using Seamonkey is that when you get
> stuck on the password prompt you can click "yahoo" top left and you
> get prompted to accept cookies. After tha however there is no way to
> go back to the password prompt.
I've noticed that if I disable javascript I can get the 2FA popup,
however I don't get any further than that. Perhaps what is needed is an
on-the-fly javascript toggle button.
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)
|
