Unable to completely load a leisurelink webpage recently, stuck loading before the captcha page [Can't reproduce in 2021MR1]

[UserL]

Hello.

I used to do some bookings with this website: http://w2.leisurelink.lcsd.gov.hk/index/index.jsp?lang=en

By clicking “Facility Booking”, it should land to the Captcha page like this: http://leisurelink.lcsd.gov.hk/demo/english/01.%20Facility%20Booking%20-%20Basic%20Version/00_HumanTest.png

Since a few days ago, when I use the website again with the same step, it would be stuck on the loading page and cannot land to the Captcha page. The problem occurs on all browsers.

The helpdesk suggests that it should be a problem with the security suite, so I tried the website again by switching off KIS 2020 and the Captcha page works again. I tried to identify which KIS component caused the problem by switching off a single component one by one to test with the website but oddly, it could not reach the Captcha page with any single component switched off but shutting down KIS completely.

As the problem occurs for just a few days, I suspect that it should be related to certain update of the KIS product. Any solution to get the webpage loaded correctly without shutting down KIS?

Thank you.

[Flood and Flood's wife]

Hello @UserL, 

Welcome!

• We’ve tested with Kaspersky software protection paused & exited, we cannot replicate the issue, for us there is no eCaptcha with or without Kaspersky🤔

 

@Wesly.Zhang, please check? 

Thank you🙏

Flood🐳+🐋

[Wesly.Zhang]

Hello,

Please upgrade KIS from 2020 to 2021MR1. I can not reproduce this issue in KIS 2021MR1.

https://www.kaspersky.com/downloads/thank-you/internet-security?icid=gl_sup-site_trd_ona_oth__onl_b2c___tri-dl____kis___

Here is the video record: https://cloud.qainfo.ru/s/yaORI5PQPyTeEKQ

Regards.

[UserL]

@Flood and Flood's wife

@Wesly.Zhang

Thanks for your replies and detailed testings.

I believe that the problem could not be replicated on your systems since the Java kit is missing, and the Kaspersky product’s version is non-identical. I prefer staying with KIS 2020 until the roll-out of a more stable KIS 2021 version.

I have just managed to identify the part which caused the problem: by unchecking the box for “Inject script into web traffic to interact with web pages” under “Network” settings, the website can load properly.

It appears to be a new bug on KIS 2020 after a recent automatic update. Is there any way to solely exclude the webpage in question from script injection? And can I report the bug here?

[Flood and Flood's wife]

Hello @UserL, 

You’re most welcome☺ !

1. Try adding a Network exclusion - refer image 1, if this works please let us know, it may be regarding as a temporary workaround until the issue is fixed.
2. Create a request in your MyKaspersky account - refer image 2, fill in Application malfunction, Incompatibility with 3rd pty software template, include a full history, the URL/link to this community topic & even tho it should not be necessary - include a GSI & Windows logs, Support may request Traces, if so they will guide you with the correct steps

• 3 After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will communicate with you, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in your MyKaspersky account.
• 4 Please post the incident # here in your topic? 
• 5 Please share the outcome with the Community when it’s available?

Thank you🙏

Flood🐳+🐋

[Wesly.Zhang]

@Flood and Flood's wife

@Wesly.Zhang

Thanks for your replies and detailed testings.

I believe that the problem could not be replicated on your systems since the Java kit is missing, and the Kaspersky product’s version is non-identical. I prefer staying with KIS 2020 until the roll-out of a more stable KIS 2021 version.

I have just managed to identify the part which caused the problem: by unchecking the box for “Inject script into web traffic to interact with web pages” under “Network” settings, the website can load properly.

It appears to be a new bug on KIS 2020 after a recent automatic update. Is there any way to solely exclude the webpage in question from script injection? And can I report the bug here?

Hello,

I’m afraid KL may know this issue or bug. So they fix it in 2021 build. You can go to technolgy support platform to ask them.

There have been many problems caused by this script injection before. This is not a new problem, it is a frequent occurrence. Script injection causes some changes in the execution of the web page script, which causes some elements of the web page to be lost, and causes the original page code to fail to obtain certain parameters and stop running.

Regards.

[UserL]

@Flood and Flood's wife 

@Wesly.Zhang 

Thanks for your replies.

I tried the temporary workaround but it did not work. I read the manual  of “Manage exclusions” here: https://support.kaspersky.com/KIS/2020/en-US/68219.htm . The exclusion added will not be scanned by the listed components but possibly has nothing to do with script injection🤔

I will send a request to the Support and will update here if there is any fix.

[Wesly.Zhang]

@Flood and Flood's wife

@Wesly.Zhang

Thanks for your replies.

I tried the temporary workaround but it did not work. I read the manual  of “Manage exclusions” here: https://support.kaspersky.com/KIS/2020/en-US/68219.htm . The exclusion added will not be scanned by the listed components but possibly has nothing to do with script injection🤔

I will send a request to the Support and will update here if there is any fix.

Hello, @UserL 

Do you set the rule as the following method? After do that, Please restart the browsers.

Regards.

[UserL]

Thank you @Wesly.Zhang 

I set the rule with exactly the same method as yours (add domain name instead of particular page’s web address) and restarted browsers but they were vain attempts.

Hope to have an official fix soon.🙏

[Wesly.Zhang]

Thank you @Wesly.Zhang 

I set the rule with exactly the same method as yours (add domain name instead of particular page’s web address) and restarted browsers but they were vain attempts.

Hope to have an official fix soon.🙏

Hello,

Do you install KIS browsers plugin? If Yes, Please try to disable it and check the issue after you set above exclusion rule.

Regards.

[UserL]

Thanks @Wesly.Zhang 

I have just tried “adding exclusion” plus “disabling extension” but the method does not work😔

[Wesly.Zhang]

Thanks @Wesly.Zhang 

I have just tried “adding exclusion” plus “disabling extension” but the method does not work😔

Hello,

If you have anti-banner addone in the browser. such as adblock plus. You can create a rule for blocking the injected script from KIS. Try to create the following rule as below:

Try it and good luck !

Regards.

[Guest]

Hello! 

Have you tried to check the issue in KIS 2021 version?

If the issue is still actual - then keep conversating with Tech support.

Provide traces to Tech support (enable tracing - restart KIS - restart browser - reproduce the issue - disable tracing).

[UserL]

Thank you @Wesly.Zhang 

Your method gives a good direction. It would be worth trying if there is any add-on which can set rules to block KIS’s scripts only on specific website/domain and leave other websites unaffected.

 

Thank you @Anton Mefodys 

I prefer staying on KIS 2020 for a while to avoid other newly known issues on the 2021 version. I will continue the conversations with Tech Support and share the outcome here when available.

[UserL]

I got the reply from Tech Support that the fix will not be available in KIS 2020. I guess I have to  upgrade to the 2021 version soon.

[UserL]

@Wesly.Zhang 

If you have anti-banner addone in the browser. such as adblock plus. You can create a rule for blocking the injected script from KIS.

 

Where can I find the list of KIS’s scripts for creating the rules in Adblock Plus?

[Wesly.Zhang]

@Wesly.Zhang

If you have anti-banner addone in the browser. such as adblock plus. You can create a rule for blocking the injected script from KIS.

 

Where can I find the list of KIS’s scripts for creating the rules in Adblock Plus?

Hello,

Press F12 in any browser, browser will open console window for opened webpage. swith to network tab.

Press Ctrl+F5 or shift+F5 to re-flash the webpage.

You will find KIS’s scripts in network traffic.

PS. There are different fake domains used in different browsers. This is Edge case.

Regards.