Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ensureScrollValueMonitoring issue #6887

Closed
Andarist opened this issue May 26, 2016 · 17 comments

Comments

Projects
None yet
5 participants
@Andarist
Copy link
Contributor

commented May 26, 2016

By having our app wrapped with Sentry (error catching service) we've encountered a bug - which may not be React specific but some kind of a workaround for it should be done. With that in mind I'm not sure how to tackle it yet.

document.createEvent && 'pageX' in document.createEvent('MouseEvent');

TypeError: Cannot use 'in' operator to search for 'pageX' in null - which occurs during mounting a root component into the DOM (using React 15)

It happens really rarely in Chrome (so far caught only there, on versions 49 and 50, both Mac and Windows). With thousands renders of our app daily we got only 7 such hits in the past 3 days.

I've tried to search any info how document.createEvent('MouseEvent') can return null, but couldn't find any viable info.

With React's popularity is odd too me that nobody has filled this issue earlier which leds me to think that maybe our usage is somehow different than others and the only thing 'kinda' special is that our app is running inside an iframe.

@syranide

This comment has been minimized.

Copy link
Contributor

commented May 26, 2016

Do you have any browser/platform info? It could be a broken bot or someone running a modified environment, I've seen super weird errors that have been caused by chrome extensions and what not.

EDIT: document.createEvent('MouseEvent') AFAIK should never be able to return null (unless overloaded naturally).

@Andarist

This comment has been minimized.

Copy link
Contributor Author

commented May 26, 2016

Few of userAgents:
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36

I will be able to confirm that real users came across this error (and not a bot) in a few days. Gonna release today/tomorrow version with passing user infos to the Sentry (for now all real users are authenticated before application iframe is loaded).

As for chrome extensions messing up with the browser - ain't sure if there is any way to detect that.

@syranide

This comment has been minimized.

Copy link
Contributor

commented May 26, 2016

I guess, if you have the possibility, it would be great if you could log the value of document.createEvent, to determine if it's the native implementation or if it's for some reason overloaded. I would assume it's overloaded, but if it's actually the native implementation then something very odd is happening here.

@f0rk

This comment has been minimized.

Copy link

commented May 26, 2016

I have also received this error for:

Mozilla/5.0 (X11; CrOS x86_64 7978.74.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.103 Safari/537.36
Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36

The first time I received this error was May 19th 2016. The last time was May 23rd 2016.

f0rk added a commit to truveris/react that referenced this issue May 26, 2016

@syranide

This comment has been minimized.

Copy link
Contributor

commented May 26, 2016

@f0rk Are you also dealing with iframes in your app?

@f0rk

This comment has been minimized.

Copy link

commented May 26, 2016

@syranide no, we are not using iframes in any capacity

@syranide

This comment has been minimized.

Copy link
Contributor

commented May 26, 2016

@f0rk Are you receiving it yourself or through bug reports? It would be interesting to know if document.createEvent is overloaded or not (i.e. is it still the native function). Are you using any polyfills? According to the standard it should never return null and I don't see why it should.

@f0rk

This comment has been minimized.

Copy link

commented May 26, 2016

I am receiving it through our error collection system. I am not sure of the root cause.

@Andarist

This comment has been minimized.

Copy link
Contributor Author

commented May 26, 2016

@syranide I'll hit production 2morrow with a check against document.createEvent being native, so we'll probably know in a couple of days

@syranide

This comment has been minimized.

Copy link
Contributor

commented May 26, 2016

@Andarist Oh that's awesome. Are you using any non-standard polyfills you're aware of?

@Andarist

This comment has been minimized.

Copy link
Contributor Author

commented May 28, 2016

Nope, everything is rather standard. Only Babel transforms

@f0rk

This comment has been minimized.

Copy link

commented Jun 9, 2016

Any updates on this?

@Andarist

This comment has been minimized.

Copy link
Contributor Author

commented Jun 9, 2016

had workload to do, gonna report back results in next week i guess, sorry for delay

@saiichihashimoto

This comment has been minimized.

Copy link
Contributor

commented Jun 14, 2016

Also running into this problem using rollbar instead of sentry, but same error.

@gaearon

This comment has been minimized.

Copy link
Member

commented Jun 26, 2016

If you have this error please try to figure out a way to check if document.createEvent is native or not. You can try attaching document.createEvent.toString() to the bug reports.

@Andarist

This comment has been minimized.

Copy link
Contributor Author

commented Aug 26, 2016

Hi there, I've finally found out that this faulty document.createEvent is not native. In fact it comes from this http://pastebin.com/AgmAEmxK snippet.

I've tried to find what is its source and couldnt. I dont know how its interfering with our iframe so I guess the most possible reason is that its a part of some browser extension.

Do you think we should address this in our codebase or it could be addressed in React's core? We have already over 50 users affected by that.

Anyway I'll try for now to intercept original createEvent in <head> and try to restore it just before rendering our app.

@gaearon

This comment has been minimized.

Copy link
Member

commented Aug 26, 2016

Thanks for investigating. Now that we know about the offending code and the most likely cause (a popup blocker), I’m open to adding a fix.

I left a few comments in #6893. If @f0rk is busy and doesn’t pick it up in a week or so, please feel free to submit another PR since it’s affecting you.

Thanks!

gaearon added a commit that referenced this issue Aug 31, 2016

Guarded ensureScrollValueMonitoring against some malicious script on …
…the Internet overriding native document.createEvent (fixes #6887) (#7621)

zpao added a commit that referenced this issue Sep 15, 2016

Guarded ensureScrollValueMonitoring against some malicious script on …
…the Internet overriding native document.createEvent (fixes #6887) (#7621)

(cherry picked from commit 51476de)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.