TL;DR
This week, testing from the trenches series, we had a lot of fun. The root cause of the problem was that Chrome extension overrides Chrome Javascript permission settings! We had a chicken/egg problem!
Here is context. I am using the Quick JavaScript Switcher Chrome extension. It has 200 000+ installations, so it is a proven extension. It does what is supposed to do. I am using it for pages that are using Javascript to deliver annoying ads. By annoying add, I consider add that pop-up and covers the whole page. But not as a pop-up window, but as a div that is rendered in front of all other page useful content. For described pages, I disable javascript using this extension. One such site is my bank home page. I visit that page only when I need the link for internet banking.
Government Overlord
Croatia government decided to forbid travel between Counties as a measure to fight COVID-19. In this context, you need to know that Croatian people were living for 45 years in communist country Yugoslavia. Many citizens consider travel restrictions as a justified measure (they also do not approve Sweden liberal measures). It is hard to clean-off dictatorship from our way of thinking. In my opinion, the government put that measure just in case, with no critical data support that this measure helps in the COVID-19 fight. Similar as development organization is doing full application regression test when they do not know which part of the application actually changed in the next release.
Exceptions
As in any government-controlled society, there must be exceptions. We have the right to apply for the pass to do inter County traveling. What surprised me is that we actually have an application for that service. To log in, you need to have your bank token hardware (I do not know what about citizens that do not own that token). Being a lucky one, I have my bank token.
I already have a pass (my mother lives in nearby County, and she is eighty), but I got it before the application, using a manual process and email communication. It is time to renew it, and I went to ePropusnica. Here you first select your right for ePropusnica. I choose plain Ulaz za gradane (citizen request due to family reasons). Then you are redirected to token providers, mine is OTP bank. Then you have a pop-up window:
I clicked to confirm legal stuff, nothing happened. I considered that this was my bank issue and left the page. For this blog post, I reproduced a bug. I took me some time to noticed a small red x cross in the upper right corner in the address bar:
Oh, the bank is not the issue, my apologies to their development team. Hm, but I can not click to Always allow option (grey color suggest this to the reader of this blog)!?
Let’s click the blue manage button:
Javascript is blocked by an extension. And you can not make any changes here. This is the ok decision by Chrome developers, using an extension I override Chrome settings for this page.
What I learned is that extension settings override Chrome Javascript settings.
Solution
I went back to my bank home page, and I disabled javascript blocking using Quick Javascript Switcher. I needed to refresh the Government page with a list of token providers. Now the authentication pop-up window for my bank works as expected.
Conclusion
Doing my software testing consultancy, I noticed that a lot of skilled testers are not doing such analysis. Testers write automation code or do regression manual testing, but their work should be (and they are good at it), to find out root causes for similar issues that are coming from application customers. And yes, they should be paid at least equal as automation testers. It takes a lot of skill and knowledge to find out a root cause.
