Webbrowser (chrome, opera) window is not able to receive focus (freeze) after prompt for pressing two-factor key (Yubikey) times out

Summary

To trigger this bug a two-factor authentication key has to be added to the user in the Gitlab-CE instance or on gitlab.com. When Windows shows the prompt to press the button on the two-factor key (Yubikey) the browser window looses focus. When the user presses the button on the two-factor key the login process works flawlessly. When the user does not press the button the prompt disappears, but leaves the browser window in an unclickable, unresponsive state. This occurs when using Chrome and Opera, but not when using Firefox (the window does not time out).

The bug occurs when logging into gitlab, but not with github, even when using the same hardware / software (OS, browser, 2FA key) and the same prompt appears.

Steps to reproduce

• GitLab version:
  • 12.4.2 (393a5bda)
  • 12.6.0 (fc376e40baf)
  • 12.6.3 (13cad23a0e4)
  • 12.7.0 (238e9790)
  • 12.7.5 (b0fe37ef58e)
• Chrome version:
  • 78.0.3904.97 (Official Build) (64-Bit)
  • 79.0.3945.88 (Official Build) (64-Bit)
  • 80.0.3978.0 (Official Build) (64-Bit)
  • 81.0.4039.0 (Official Build) (64-bit)
• Opera version: 65.0.3467.42, Stable, Windows 10 64-bit
• Windows version:
  • Windows 10 Pro 19023.vb_release.191108-1432 (Insider Build), 20H1
  • Windows 10 Pro 2004 (19037.1) (Insider Build), 20H1
  • Windows 10 Pro 2004 (19536.1) (Insider Build)
  • Windows 10 Pro 2004 (19541.1) (Insider Build)
  • Windows 10 Pro 2004 (19551.1) (Insider Build)

Register a two-factor key on gitlab.com or on a gitlab-ce instance. Use chrome or opera to log in. When asked to press the button on the two-factor key do nothing and wait approximately 5s.

Example Project

Not dependent on any project interaction.

What is the current bug behavior?

The browser window (chrome, opera) freezes and can not be closed or clicked. The "Try again?" and "Sign in via 2FA code" button is not usable. An error is displayed in the "Two-Factor Authentication" box: "There was a problem communicating with your device. (error code: 5)". The window can not be closed using the Windows taskbar or the close button on the top right of the window. Scrolling is still possible, ALT + F4 works.

What is the expected correct behavior?

The dialog should time out and the UI should be responsive again.

Relevant logs and/or screenshots

Chrome Console:
...
Extension JS API Version: 1.1 (u2f.js:632)

Output of checks

This bug also happens on GitLab.com.

Results of GitLab environment info

Expand for output related to GitLab environment info

I have replaced the domain name with "some.domain".
System information
System:
Current User:	git
Using RVM:	no
Ruby Version:	2.6.3p62
Gem Version:	2.7.9
Bundler Version:1.17.3
Rake Version:	12.3.3
Redis Version:	3.2.12
Git Version:	2.22.0
Sidekiq Version:5.2.7
Go Version:	unknown
GitLab information
Version:	12.4.2
Revision:	393a5bdafa2
Directory:	/opt/gitlab/embedded/service/gitlab-rails
DB Adapter:	PostgreSQL
DB Version:	10.9
URL:		https://some.domain
HTTP Clone URL:	https://some.domain/some-group/some-project.git
SSH Clone URL:	git@some.domain:some-group/some-project.git
Using LDAP:	no
Using Omniauth:	yes
Omniauth Providers:
GitLab Shell
Version:	10.2.0
Repository storage paths:
default: 	/var/opt/gitlab/git-data/repositories
GitLab Shell path:		/opt/gitlab/embedded/service/gitlab-shell
Git:		/opt/gitlab/embedded/bin/git

Results of GitLab application Check

Expand for output related to the GitLab application check

Checking GitLab subtasks ...
Checking GitLab Shell ...
GitLab Shell: ... GitLab Shell version >= 10.2.0 ? ... OK (10.2.0)
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Internal API available: OK
Redis available via internal API: OK
gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Gitaly ...
Gitaly: ... default ... OK
Checking Gitaly ... Finished
Checking Sidekiq ...
Sidekiq: ... Running? ... yes
Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking Incoming Email ...
Incoming Email: ... Reply by email is disabled in config/gitlab.yml
Checking Incoming Email ... Finished
Checking LDAP ...
LDAP: ... LDAP is disabled in config/gitlab.yml
Checking LDAP ... Finished
Checking GitLab App ...
Git configured correctly? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config up to date? ... yes
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory exists? ... yes
Uploads directory has correct permissions? ... yes
Uploads directory tmp has correct permissions? ... yes
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
Projects have namespace: ...
3/3 ... yes
3/4 ... yes
3/5 ... yes
3/6 ... yes
3/8 ... yes
3/9 ... yes
5/15 ... yes
14/28 ... yes
12/36 ... yes
4/37 ... yes
21/38 ... yes
2/41 ... yes
2/42 ... yes
2/43 ... yes
5/44 ... yes
2/46 ... yes
5/48 ... yes
5/49 ... yes
2/52 ... yes
12/54 ... yes
12/62 ... yes
2/64 ... yes
18/65 ... yes
21/66 ... yes
2/73 ... yes
2/74 ... yes
42/75 ... yes
2/77 ... yes
46/79 ... yes
2/81 ... yes
46/82 ... yes
2/83 ... yes
2/84 ... yes
2/85 ... yes
47/86 ... yes
47/87 ... yes
47/88 ... yes
47/89 ... yes
47/90 ... yes
47/91 ... yes
47/92 ... yes
47/93 ... yes
47/94 ... yes
47/95 ... yes
2/97 ... yes
46/98 ... yes
2/99 ... yes
2/100 ... yes
2/101 ... yes
2/102 ... yes
2/103 ... yes
2/104 ... yes
2/105 ... yes
2/107 ... yes
2/108 ... yes
2/109 ... yes
2/110 ... yes
2/111 ... yes
2/112 ... yes
46/113 ... yes
46/114 ... yes
46/115 ... yes
46/116 ... yes
2/117 ... yes
2/118 ... yes
52/119 ... yes
14/120 ... yes
2/121 ... yes
2/122 ... yes
57/123 ... yes
57/124 ... yes
2/125 ... yes
57/126 ... yes
2/127 ... yes
57/128 ... yes
2/129 ... yes
46/130 ... yes
2/131 ... yes
2/132 ... yes
2/133 ... yes
63/134 ... yes
63/135 ... yes
2/136 ... yes
2/137 ... yes
2/138 ... yes
2/139 ... yes
2/140 ... yes
2/141 ... yes
2/148 ... yes
2/149 ... yes
2/151 ... yes
46/152 ... yes
2/153 ... yes
2/154 ... yes
2/155 ... yes
2/156 ... yes
2/157 ... yes
2/158 ... yes
2/159 ... yes
2/160 ... yes
2/161 ... yes
2/162 ... yes
2/163 ... yes
2/164 ... yes
2/165 ... yes
2/166 ... yes
2/167 ... yes
2/168 ... yes
2/169 ... yes
2/170 ... yes
2/171 ... yes
2/172 ... yes
2/173 ... yes
2/174 ... yes
13/175 ... yes
2/176 ... yes
21/177 ... yes
2/178 ... yes
2/179 ... yes
2/180 ... yes
2/181 ... yes
2/182 ... yes
2/183 ... yes
2/184 ... yes
2/185 ... yes
60/186 ... yes
2/187 ... yes
2/188 ... yes
59/189 ... yes
2/190 ... yes
2/191 ... yes
2/192 ... yes
2/193 ... yes
2/194 ... yes
2/195 ... yes
2/196 ... yes
63/197 ... yes
13/198 ... yes
60/200 ... yes
60/201 ... yes
13/202 ... yes
60/203 ... yes
2/204 ... yes
63/205 ... yes
60/206 ... yes
2/207 ... yes
17/208 ... yes
21/209 ... yes
63/210 ... yes
2/212 ... yes
2/213 ... yes
63/214 ... yes
2/215 ... yes
2/216 ... yes
63/217 ... yes
2/218 ... yes
2/219 ... yes
2/220 ... yes
2/221 ... yes
2/222 ... yes
2/223 ... yes
2/224 ... yes
2/225 ... yes
2/226 ... yes
2/227 ... yes
2/228 ... yes
2/230 ... yes
2/231 ... yes
2/232 ... yes
2/233 ... yes
2/234 ... yes
21/235 ... yes
2/236 ... yes
63/237 ... yes
63/238 ... yes
63/239 ... yes
2/240 ... yes
63/241 ... yes
63/242 ... yes
Redis version >= 2.8.0? ... yes
Ruby version >= 2.5.3 ? ... yes (2.6.3)
Git version >= 2.22.0 ? ... yes (2.22.0)
Git user has default SSH configuration? ... yes
Active users: ... 16
Is authorized keys file accessible? ... yes
Checking GitLab App ... Finished
Checking GitLab subtasks ... Finished

Possible fixes

Use Firefox?