Opened 4 years ago

Closed 3 years ago

#4664 closed defect (duplicate)

Brightcove player crashes in Chrome with Adblock plus on

Reported by: strashila Assignee:
Priority: Unknown Milestone:
Module: Platform Keywords:
Cc: kzar, sebastian, mapx Blocked By:
Blocking: Platform: Chrome
Ready: no Confidential: no
Tester: Unknown Verified working: no
Review URL(s):



Windows 8.1 and 10, Chrome Version 54.0.2840.99, Adblock plus Version 1.12.4

How to reproduce

  1. Open Chrome with Adblock plus, go to, see the Brightcove player crash

Observed behaviour

We're having a very specific issue on website, where Brightcove player crashes in Chrome with Adblock plus. No matter if the Adblock is enabled or disabled the playback crashes. As I said, this is a very specific problem, which happens on only in Chrome and with Adblock. If you try to watch this page in incognito, everything is working as desired.


Expected behaviour

Brightcove player should not crash, player ads should be displayed if Adblock plus is disabled, and blocked if it's enabled in the browser

Change History (3)

comment:1 Changed 4 years ago by mapx

  • Cc kzar sebastian mapx added

comment:2 Changed 4 years ago by kzar

  • Component changed from Unknown to Platform

I can reproduce. Adblock Plus injects a Content Security Policy adding restrictions due to this filter in EasyList:


That CSP then blocks a blob iframe (or similar) which then results in the player's error message being displayed. (I notice the sound continues to play, perhaps the player could be improved so that when the blob iframe is blocked the error isn't displayed?)

The problem does not happen when that filter is removed. However like you mentioned the problem does occur when the domain is whitelisted. Looking at the code we don't check if the domain is whitelisted before injecting the CSP.

In the codereview for the CSP change we already decided that the combination of sitekey whitelisting with CSP filters is not likely enough to worry about. Perhaps domain whitelisting is important enough to worry about however. What do you think Sebastian?

comment:3 Changed 3 years ago by kzar

  • Resolution set to duplicate
  • Status changed from new to closed

Since the main issue for us to address here seems to be that we don't check if the website is whitelisted before injecting the CSP I'm marking this a duplicate of #4953.

Note: See TracTickets for help on using tickets.