search

tournesol-app / tournesol

Free and open source code of the https://tournesol.app platform. Meet the community on Discord https://discord.gg/WvcSG55Bf3
https://tournesol.app
Other
332 stars 48 forks source link

Blank page when cookies are blocked #2013

Closed ipnoz closed 2 months ago

ipnoz commented 2 months ago

This is a common problem that I can encounter on several websites :

I block by default all cookies with Firefox, and the Tournesol.app simply display a blank page, because probably of CORS...

It is a pity that users cannot access this particular website without cookies

ipnoz commented 2 months ago

Capture d’écran_2024-09-15_11-51-55

amatissart commented 2 months ago

Hi @ipnoz, thanks for your feedback.

Strictly speaking, HTTP cookies are not be necessary to visit tournesol.app, but blocking "cookies" on Firefox will actually cause other kinds of persistent storage to be disabled, including localStorage. And that's why you can see an exception "The operation is insecure" in the console in this case: the access to the localStorage has been rejected with a security error.

Tournesol relies on the localStorage for several reasons, for example to persist some preferences for non-authenticated users. Although we had a few checks in place to anticipate the case when localStorage would not be available, this error was not handled properly.

I tried to fix that in PR #2018 (still under review). That should avoid this error and allow to visit the website with "cookies" blocked on Firefox, even if some minor features that require to persist some data on the browser may not behave as expected. I will keep you updated when the fix is deployed.

Note that the error about CORS is unrelated: it's about requests to our Plausible instance, the tool we are using for privacy-preserving analytics on Tournesol. It's probably blocked on your configuration, but that's not an issue to access the website.