Impacting Stripe: Uptick in errors from @duckduckgo-privacy-protection.js?scope=injectfirefox

[winnie-stripe]

Hello! I’m an engineer at Stripe and around 10:30am UTC 1/29 we started seeing elevated fatal errors impacting our payments iframes on webpages that integrate with the Elements product with a stack trace containing:

TypeError: can't access dead object

[email protected]?scope=injectfirefox:167:13
[email protected]?scope=injectfirefox:149:29
@duckduckgo-privacy-protection.js?scope=injectfirefox:3612:28
@duckduckgo-privacy-protection.js?scope=injectfirefox:11224:3 

We found that the error is specific to Firefox: https://blog.mozilla.org/addons/2012/09/12/what-does-cant-access-dead-object-mean/ and could mean that there is a lingering reference to an object that is no longer in memory.

From our internal debugging, we currently suspect that it is coming from here:

content-scope-scripts/injected/src/utils.js

Line 130 in 0f9d508

framingOrigin = globalThis.document.referrer;

and is firing when the tab closes on buyers’ browsers.

However, we have not been able to find whether or how there was an update to the duckduckgo extension at this time and are rather confused by the uptick in errors.

Any idea what could be causing this?

[htbkoo]

(Not sure if this is related)

Just FYI, according to the commit history, the most recent changes were made to content-scope-scripts/injected/src/utils.js in #1314

---

On the other hand, I also start seeing a spike of this error in my projects (I am not from Stripe), so I believe this is not an isolated issue in one company only 👀