Akamai blocks account.lenovo.com log-in
Categories
(Web Compatibility :: Site Reports, defect, P2)
Tracking
(Webcompat Priority:P2, Webcompat Score:6)
People
(Reporter: emilio, Unassigned)
References
(Blocks 1 open bug, )
Details
(Keywords: webcompat:contact-in-progress, webcompat:site-report)
User Story
platform:windows,mac,linux,android impact:site-broken configuration:general affects:some branch:release user-impact-score:300
Login XHR fails with a 403. Some other pages give an html response:
Access Denied
You don't have permission to access "http://account.lenovo.com/es/es/account/login/index.html?" on this server.
Reference #18.53d73b17.1747904411.1e300060
https://errors.edgesuite.net/18.53d73b17.1747904411.1e300060
So I think this is Akamai :(
|
Reporter | |
Comment 1•1 year ago
|
||
Annoyingly even Linux Release is affected, but Chrome works... :(
|
|
Reporter | |
Comment 2•1 year ago
|
||
Also affects macOS Nightly and release.
STR for that error is just going to https://account.lenovo.com/es/es/account/login/index.html?returnUrl=https://account.lenovo.com/es/es/account/login/index.html?returnUrl=https://account.lenovo.com/es/es/account/login/index.html
But actually I think there's another error. If strip out the query string the login seems to work, but it just hangs with a CORS error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://openapi.lenovo.com/es/es/v3/userLogin. (Reason: CORS request did not succeed). Status code: (null).
|
|
Reporter | |
Comment 3•1 year ago
|
||
Ok I think it's still akamai tho. If the response succeeds, there are CORS headers. If they get blocked by akamai, they don't include them and the CORS check fails.
|
||
Updated•1 year ago
|
|
||
Updated•1 year ago
|
Description
•