Hi @eoin-oshea and welcome to GitHub! This is very surprising - a lot of us here at GitHub use Firefox every day, and it sounds like you’ve covered the basic checks - proxy, cookies, add-ons.

What version of Firefox are you running, and does GitHub load in a private window? Also, could you please check the browser console for errors (Tools → Web Developer → Browser Console) and let me know if you see any?

Thanks! Allie

Thanks for the quick reply! The loading doesn’t work on private windows either, just checked.
There was a few messages on the console - three video loading errors (for media resource globe-900.hevc.mp4, globe-500.hevc.mp4, and actions-autocomplete.hevc.mp4, I can’t list the whole message because each one has a web address), and the scripting error below:
🛑 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”).

The video errors I mentioned are all in the structure of:
Specified “type” attribute of “video/mp4; codecs=hevc,mp4a.40.2” is not supported. Load of media resource https://github.githubassets.com/images/modules/site/home/actions-autocomplete.hevc.mp4 failed. Trying to load from next element.
(where the video file name is replaced with the relevant video on the list, but no other value on the message is changed).
I just tried to run the login link with the console open, and got this error, maybe that might help:
▶️ GET Sign in to GitHub · GitHub [HTTP/2 406 Not Acceptable 398ms]
🛑 Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”).
As you can see, the error message is the same as the one on the previous page.

Hi @eoin-oshea you’re very welcome! Could you please take screenshots of Tools → Page Info → Security as well as About Firefox?

Security1206×1158 116 KB

About Firefox1344×734 135 KB

Dunno if this will be of help, from what I can see, these are largely the same as what you’ve shown.

aboutfirefox859×478 716 KB

Absolutely - it looks the same - my expectation with the error was that you had may have been caused by security software intercepting the site via an auto-configured proxy. Alas, it appears not.

I’d like you to next try Firefox in safe mode to be absolutely certain there are no extensions impacting this - that’s the only place I can think this blocked code may be coming from. Thanks!

Still doesn’t work. Here’s the screenshot, with console open - I assume that the extra errors are because of the safemode.

firefox-safemode-github1920×1080 464 KB

And this is the still empty login page, including a very empty console.

firefox-safemode-github-login1920×1080 137 KB

Very interesting, indeed. I’m not seeing the 406 error anymore, though - which is what I was trying to resolve, is it still in the console?

I’ll take a look at this further tomorrow if no one else has ideas in the meantime, but it’s very interesting that it’s only Firefox that is affected. Perhaps you can also try installing the latest Firefox Nightly, not because it’s going to fix the problem but because it will run as a completely isolated instance (since it’s an unstable test build) so should rule out any problems with Firefox and its configuration.

The 406 error is still there on the ‘login page’ (or lack thereof), it’s the only entry on the console (highlighted on the right-hand side in blue. I’ll give Nightly a go, and see how that plays out.

You were right to check if it works on Nightly, because it does. Even logs in fine.

Firefox-Nightly1920×1080 119 KB

This looks like a really interesting problem! The 406 status code says that the server didn’t have content matching one of the content negotioation headers (“Accept” and friends) in the request, assuming it’s used correctly.

If you go to the “Network” tab in the developer tools you should be able to see the request and response headers after selecting the request for https://github.com/login. I’m curious what the content negotiation headers look like, and in particularly how they compare between the two Firefox versions you tried.

I really dunno what that did, but it worked! Thank you very much!

Oh, dang, I didn’t check, sorry!

Hey @eoin-oshea you’re very welcome and I’m so glad that worked for you! We had reached the point it had to be a setting somewhere, probably related to certificate trust or security options I’d guess, so that’s the “wipe everything” option. I really don’t like doing it, especially since it means I won’t know for future what actually caused it - but I didn’t want to take up all your time having you try one setting after another!