login: Use valid selectors when testing for :is() / :where() support. #17726

Merged: 1 commit, Sep 12, 2022

emilio (Contributor) commented Sep 11, 2022

Rejecting CSS.supports(":is()") is the correct thing to do per w3c/csswg-drafts#7280

Fixes #17724.


login: Adjust selectors when checking for :is() and :where() support

Newer, upcoming browser versions have improved next-level support for :is() and :where() selectors. Cockpit was checking for support with an empty usage which passed on browsers in the earlier (current as of writing) implementation. However, browsers have recently updated their parsing support for "Forgiving Selector Parsing", which caused the newer development versions of Firefox, Chrome, and WebKit to fail this check, preventing the browsers from logging into Cockpit.

The check has now been adjusted so current and upcoming browser versions all pass.

Additionally, hotfixes for older supported affected versions of Cockpit have been published for CentOS, Debian, and Ubuntu. If you have an error while trying to log in with a new browser on an older Cockpit version, please upgrade your version of Cockpit.

Huge thanks to Emilio Cobos Álvarez for bringing this to our attention and sending a PR with a fix!
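
The difference between the empty-argument check and a check with valid selectors, as an added example (not part of this pull request or of Cockpit's code). The function name `missingSelectorSupport`, the `:is(*)` / `:where(*)` test selectors and the three stub engines are assumptions made for illustration; the stubs are constructed stand-ins that model only the behaviour described in this thread.

```javascript
// Added example: feature detection for :is() / :where() using valid selectors.
// `css` is injected so the logic runs outside a browser; pass window.CSS on a page.
const REQUIRED_SELECTORS = [":is(*)", ":where(*)"];

function missingSelectorSupport(css, selectors = REQUIRED_SELECTORS) {
    // Without CSS.supports() the question cannot be asked: report everything missing.
    if (!css || typeof css.supports !== "function")
        return selectors.slice();
    return selectors.filter(sel => {
        try {
            return !css.supports(`selector(${sel})`);
        } catch (e) {
            return true; // a throwing implementation is treated as "unsupported"
        }
    });
}

// Constructed stand-ins for CSS.supports(), not real browser engines.
const KNOWN = /:(?:is|where)\(/;
const EMPTY_ARG = /:(?:is|where)\(\s*\)/;
const earlierEngine = { supports: cond => KNOWN.test(cond) };  // accepts empty :is()
const newerEngine = { supports: cond => KNOWN.test(cond) && !EMPTY_ARG.test(cond) };
const noSupport = { supports: () => false };                   // lacks both selectors

function compareChecks() {
    const emptyArgs = [":is()", ":where()"]; // the style of check that broke login
    return {
        emptyOnEarlier: missingSelectorSupport(earlierEngine, emptyArgs),
        emptyOnNewer: missingSelectorSupport(newerEngine, emptyArgs),
        validOnEarlier: missingSelectorSupport(earlierEngine),
        validOnNewer: missingSelectorSupport(newerEngine),
        validOnUnsupported: missingSelectorSupport(noSupport),
        validWithoutCssApi: missingSelectorSupport(undefined),
    };
}
```

The empty-argument probe reports both selectors missing on the newer stub even though the engine supports them, while the valid-selector probe gives the same answer on both and still flags an engine that has no support.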

garrett added the release-blocker, backport, bug, page:login and backport-to-9.0 labels Sep 12, 2022

garrett (Member) left a comment

Thanks for spotting this! Confirmed working here.

This is a critical fix that should go into all backports, as it prevents upcoming browsers from signing into Cockpit.

martinpitt (Member) commented

@TomasTomecek, @lachmanfrantisek : According to https://copr.fedorainfracloud.org/coprs/packit/cockpit-project-cockpit-17726/build/4832346/ the COPR builds succeeded, but somehow packit and the PR don't pick that up? Is it worth retrying?

mvollmer (Member) commented Sep 12, 2022

I have tested this with Firefox 106.0a1 and everything checks out. I can reproduce the issue exactly, and this change makes everything work. Thanks!

mvollmer (Member) commented

> Is it worth retrying?

No. :-)

mgol commented Sep 12, 2022

@emilio it'd be good to get WPTs for no-parameter :is() / :has(), both in qSA and in CSS.supports("selector(...)").

Verld commented Nov 23, 2023

> Rejecting CSS.supports(":is()") is the correct thing to do per w3c/csswg-drafts#7280
>
> Fixes #17724.
>
> login: Adjust selectors when checking for :is() and :where() support
>
> Newer, upcoming browser versions have improved next-level support for :is() and :where() selectors. Cockpit was checking for support with an empty usage which passed on browsers in the earlier (current as of writing) implementation. However, browsers have recently updated their parsing support for "Forgiving Selector Parsing", which caused the newer development versions of Firefox, Chrome, and WebKit to fail this check, preventing the browsers from logging into Cockpit.
>
> The check has now been adjusted so current and upcoming browser versions all pass.
>
> Additionally, hotfixes for older supported affected versions of Cockpit have been published for CentOS, Debian, and Ubuntu. If you have an error while trying to log in with a new browser on an older Cockpit version, please upgrade your version of Cockpit.
>
> Huge thanks to Emilio Cobos Álvarez for bringing this to our attention and sending a PR with a fix!

Is there any browser extension that adds support for :is() and :where()? Don't Edge and Chromium support extensions for third-party/custom JavaScript procedures?

garrett (Member) commented Nov 29, 2023

> Is there any browser extension that adds support for :is() and :where()? Don't Edge and Chromium support extensions for third-party/custom JavaScript procedures?

@Verld:

(No, there's no extension for this, nor should there be. It's simply not needed. Browsers have had this functionality for years already. Only extremely insecure browser versions don't support it.)

Chromium and Edge have both supported :is() and :where() for a very, very long time in web browser time (31 major versions ago for Chromium and 42 major versions ago for Firefox). This bug was also fixed a while ago in Cockpit (27 major releases ago), and it shouldn't affect anyone, as all distributions have since been fixed (most at the time of publication of Cockpit release 277, in September of 2022). People were only somewhat affected in the timespan of a week or two (depending on your browser version and distro) of the middle of 2022, with newer browser versions at the time and older Cockpit versions also at the time.

https://caniuse.com/mdn-css_selectors_where (Jan 2021 for Blink based browsers, which includes Chromium and Edge. Even earlier for Firefox and WebKit.)

This was fixed in Cockpit, along with backports in the middle of last year. (See dates above.) There was only a short week or two window when browsers updated their usage of :is() and :where() and didn't support Cockpit's usage. Earlier browsers didn't have a problem, and Cockpit was quickly updated for later browser versions too. We even published a workaround for an immediate fix (as some distributions took a week or two longer than expected for a hotfix).

Make sure you update your software: Update both your system that has Cockpit (including the Cockpit packages) and especially your browsers. If you're seeing this problem, then you're woefully out of date with Cockpit and your browser, and probably have security problems on your system (assuming your browser and/or your system are out of date — there have been many CVEs in various parts of all OSes and browsers since this timeframe).


TL;DR (summary): Update your version of Cockpit (and your system too, as other packages are probably out of date as well) and make sure your browser is also up to date.

Successfully merging this pull request may close these issues.

This web browser is too old to run the Web Console (missing selector(:is():where()))