dandi / dandiarchive-legacy

Code for the DANDI Web app
https://dandiarchive.org
Apache License 2.0
9 stars 9 forks source link

Test for being allowed to place a cookie and inform if not #768

Closed yarikoptic closed 3 years ago

yarikoptic commented 3 years ago

750 provided a workaround for my initial symptom but not the underlying issue -- not allowed cookies: https://github.com/dandi/dandiarchive/pull/750#issuecomment-864098495

if browser has cookies disabled -- the same issue happens without any iframe

image

Didn't look into details of current policies (AFAIK required for GDPR at least), but as most of the sites request confirmation of the "Cookie consent" -- we need to

After this addressed, #750 could then be reverted AFAIK

waxlamp commented 3 years ago

@yarikoptic, are you seeing this when blocking third-party cookies? I have my browser (Brave) set to disallow third-party cookies and the archive works just fine for me. If I disable all cookies then I do get a broken (i.e., blank) site and we should definitely display an actual error message in that case, but I'm confused about your reports in the other thread (https://github.com/dandi/dandiarchive/pull/750#issuecomment-864098495) about third-party cookies being disabled.

yarikoptic commented 3 years ago

IIRC: It was not about native visiting dandiarchive (cookies are native them) . dandiarchive's cookies become 3rd party whenever dandiarchive.org is in iframe.

waxlamp commented 3 years ago

Oh yes, thanks for reminding me.

mvandenburgh commented 3 years ago

I was able to fix the crash that occurs from our OAuth client attempting to access localStorage, but strangely enough VJSF also attempts to access localStorage (and subsequently crashes the page if cookies are disabled). This seems to be a bug in the library since I can't find any mention of localStorage/cookies in the VJSF docs. As far as I know (someone please correct me if I'm wrong), there isn't a way to "hook into" the library code and catch exceptions, so this is something that needs to be fixed in VJSF upstream.

mvandenburgh commented 3 years ago

833 fixes this "localStorage" error in our OAuth client and an upstream fix for vjsf has been merged https://github.com/koumoul-dev/vuetify-jsonschema-form/pull/283, so this should be solved now.

@yarikoptic can you test with https://deploy-preview-833--gui-dandiarchive-org.netlify.app/ and let me know if this issue is resolved for you?