Unable to use Google Sign-in for Zendesk on support.bettercloud.com with ETP enabled
Categories
(Core :: Privacy: Anti-Tracking, defect, P2)
Tracking
()
People
(Reporter: alberts, Unassigned)
References
(Blocks 2 open bugs, )
Details
(Whiteboard: [tp-login])
Steps
- Have TP set to Standard or Strict
- Go to https://support.bettercloud.com/hc/en-us
- Click on "Sign In" (top right corner)
- Sign in with Google (goes to https://accounts.google.com/o/oauth2/auth/oauthchooseaccount?client_id=xxx)
Expected
Redirect to the originally requested page or the support homepage.
Actual
Redirect to the login landing page https://support.bettercloud.com/access/unauthenticated?return_to=
Console
In the console when blocked I can see these warnings:
Cookie “_zendesk_authenticated” has been rejected because it is already expired.
Request to access cookie or storage on “<URL>” was blocked because it came from a tracker and content blocking is enabled. (6)
Request to access cookie or storage on “https://bettercloud.zendesk.com/auth/v2/login/signin?return_to=” was blocked because it came from a tracker and content blocking is enabled.
Request to access cookie or storage on “https://bettercloud.zendesk.com/auth/v2/login/signin?return_to=” was blocked because it came from a tracker and content blocking is enabled. (2)
Request to access cookie or storage on “https://bettercloud.zendesk.com/cdn-cgi/bm/cv/2172558837/api.js” was blocked because it came from a tracker and content blocking is enabled.
Request to access cookie or storage on “https://bettercloud.zendesk.com/auth/v2/login/signin?return_to=” was blocked because it came from a tracker and content blocking is enabled. (2)
Request to access cookie or storage on “https://bettercloud.zendesk.com/cdn-cgi/bm/cv/result?req_id=5c080a6f8d7bfd1e” was blocked because it came from a tracker and content blocking is enabled. (2)
Request to access cookie or storage on “https://bettercloud.zendesk.com/auth/v2/login/signin?return_to=” was blocked because it came from a tracker and content blocking is enabled.
|
Reporter | |
Updated•4 years ago
|
|
|
Reporter | |
Updated•4 years ago
|
|
||
Comment 1•4 years ago
|
||
It seems that this issue could be reproduced if we enable either dFPI or strict list.
|
||
Comment 2•4 years ago
|
||
Unfortunately I believe this breakage is expected. We've long had breakage on Zendesk-supported help sites (Bug 1540810).
See this comment on their help page related to the issue. It says "If we detect that you’re using Safari and are accessing a hostmapped account, the login page will display a warning label with a prompt to Continue. Any social sign in options, and Sign in button will be disabled at this point.". We should have the same breakage as Safari users when the level 2 cookie blocking list or dFPI is active, so I suspect this also means social logins into Zendesk's embedded iframe aren't supported when third-party cookie blocking is active.
I just reached out to them (see Bug 1540810 Comment 29) to see if we can at least get the non-social logins fixed via the Storage Access API.
|
|
||
Comment 3•4 years ago
|
||
I've verified that Google login works just fine if Cookie blocking is disabled. (Note that the resource blocking part of ETP Strict does not block Zendesk). The reason you see breakage in Standard in Strict is because both enable cookie blocking.
|
||
Updated•4 years ago
|
|
|
||
Comment 4•4 years ago
|
||
Dimi, please check if this is a duplicate of bug 1540810.
|
|
||
Updated•4 years ago
|
|
||
Comment 5•4 years ago
|
||
(In reply to Ethan Tseng [:ethan] from comment #4)
Dimi, please check if this is a duplicate of bug 1540810.
Yes, as Steven mentioned in Comment 2, they are both because we have breakage on Zendesk-supported sites.
But I think we should still keep this one to make sure we'll verify this issue after Zendesk adopt storage access API on Firefox.
|
||
Comment 6•4 years ago
|
||
Zendesk uses the Storage Access API now! Signin works for me.
Description
•