End users can't sign in with Safari

56 コメント

  • Tobias Linder-Geiger

    This is really of high urgency. Seems that this feature is activated on all new macOS setups and it can't be that users have to reduce security and privacy settings just to create a ticket for support.

    I actually just wanted to create a ticket with Code42 Support and did run into the same issue there.

    Please help! It's really urgent.

    7
  • Vyacheslav Skorbezh

    Hey Brett,

    This incident hasn't been closed yet? 

    2
  • John Niernberger

    😂 We just onboarded a new agent this morning and they had the same Safari issue lol, thought they were bringing it to our attention.  We were like "yeah check out this year old ticket here.  We've all been there done that." 

    Then comes Ryan's post just a few minutes later, had a good laugh about that.

    2
  • Frits van Dee

    Any update on this? We do have customers that use Safari and can not log in on our help center. I can not tell them to use another browser. What can we do to support our customers without the hassle with logins?

    1
  • Devan - Community Manager
    Zendesk Community Team

    Hello Alan Hirshberg,

    I've gone ahead and opened a ticket on your behalf due to the nature of this issue, so one of our Advocates can look into this further for you. You should expect a response on this issue relatively soon, and we appreciate your patience.

    Best regards. 

    1
  • Fox

    All safari users have this problem. I open my osx support to everything including all cookies and all website datas. Zendesk is still broken and can not be used. Safari is telling me that the support pages can not be shown because of cookie restrictions. It doesn't matter if safari is allowed to do anything.

    Zendesk, we need a solution for that. I have several sites I want to use the support pages and can not login because of safari. To use another browser is not convenient because some users are using only the system browser. To tell customers to install another browser is not a solution. thanks for help R.

    1
  • Brian Keare

    As CIO of our company using Zendesk, we are actively looking at alternatives because of Zendesk's inability to sort this out and general lack of sophistication around security.  The idea that allowing "cross-site tracking" is necessary because of "increased" security requirements in Zendesk is a total fallacy - it is actually indicative of Zendesk lack of sophistication and ability to leverage best practices.

     

    -Brian

    1
  • Alan Hirshberg

    Not to be too cranky, but you guys opened a ticket for me on the exact same issue on 12/17/2019 and there has been no movement. I don't see what creating another ticket does in terms of finding a solution. 

    1
  • Pepijn Van Eeckhoudt

    Seconding that sentiment Alan. I opened a ticket for this on 11/25/2019 and all I got as a 'solution' so far was to try clearing my browser's cache.

    The root cause of the problem is that the login page counts on cookies bound to `zendesk.com`. When you enable host mapping the login page still tries to use the `zendesk.com` cookie even though you're accessing it from a completely different domain. You then get errors in Safari like:

    Blocked a frame with origin "https://<domain>.zendesk.com" from accessing a frame with origin "https://<mapped host>". Protocols, domains, and ports must match.

    How hard can it be to get this fixed...? Don't use host mapped domains for the sign-in page, load the iframe using the mapped host name, whatever works. I saw reports of this problem on twitter more than half a year ago. You would think getting login working would be a high priority issue.

    1
  • Steve Wolaver

    This whole issue is so frustrating. 

    1
  • Adam Reid

    Hi Brett,

    We are also experiencing issues with this for some of our customers using Chromium and Brave browsers. This is a screenshot of the errors some of our customers are experiencing when trying to login to our Help Center.

    The error is 'Refused to display https://<company>.zendesk.com/access/login' in a frame because it is set 'X-Frame-Options' to 'SAMEORIGIN'.

    If you could please create a ticket on our behalf to track this, we'd like an update as soon as there is a fix.

    1
  • Ryan

    @Brett - our clients are having the same issue.  Can you open a ticket to keep us posted on this too?

    1
  • Noah Mehl

    Devan - Community Manager I'm familiar with how to adjust browser settings to: make them less secure.  That's not a solution for the actual problem, which is a cross-domain cookie implementation.  Not to mention, I don't control the browsers of all of my clients, so, this is moot for them.

    1
  • Tobias Linder-Geiger

    Totally agree with Noah Mehl here! Devan - Community Manager is not a solution but a way to make the browser less secure.

    Zendesk should help us being better at solving the technical issues our users have and not create new ones! 

    I have a ticket open since October 8th. This is 6 months! I can't believe that we are paying 12'000 Euros a year for a solution that has such a serious bug and doesn't resolve it in a timely manner but we are locked in with so many workflows connected to the zendesk help portal.

    BTW: I requested again a status today and got the same answer like in January: The engineers war working on a solution but there is no ETA.

    1
  • Devan - Community Manager
    Zendesk Community Team

    Hello Ngawai,

    So one thing I would make sure regarding the use of Safari or any other web browser is that it is updated within two update cycles to ensure common bugs don't arise. If you are noticing that other browsers such as Chrome don't reproduce this issue, then I would strongly recommend you stick with it until a new iteration of Safari is published.

    I've also included a link to our system requirements and recommendations guide in case you need more info on browser related issues.

    Let me know if you have any other questions or require a bit more depth on the topic.

    0
  • Brett Bowser
    Zendesk Community Team

    Hey Frits,

    I'm actually surprised that end-users are unable to sign in using Safari. I did some testing on my end but wasn't able to replicate this issue on my end. Do the end-users receive some sort of error when they attempt to sign in using Safari? Would you be able to provide a screenshot?

    Let me know!

    0
  • Noah Mehl

    This is absolutely an issue!  Safari is preventing the iFrame for sites using hosted SSL.  If you're not using CNAME, it may not be an issue.  But most of us want some level of white labeling.

     

    0
  • Noah Mehl

    Users *can* disable "Prevent cross-site tracking", and RESTART Safari (just disabling it is not enough, apparently).  But this should NOT be necessary, as users like their privacy...

    0
  • Osei Poku

    We are also seeing this issue. We have the host mapping enabled to our own subdomain at "help.<mycompany>.com". Our Safari users are unable to log in due to the "Prevent cross-site tracking" option. When that option is enabled, the iframe at the "*.zendesk.com" subdomain is unable to set the cookie to the enclosing "help.<MYCOMPANY>.com" domain. When I disabled the option and restarted Safari, I was able to log in successfully.

    0
  • Brett Bowser
    Zendesk Community Team

    Hi Osei and Noah,

    I checked with our team, and I'm afraid to say that there's currently no workaround to keep the option to prevent cross-site tracking enabled. Currently, when using Safari, the option must be deselected for users to view your Help Center.

    I understand why this can be a roadblock for you and I've already passed this feedback along to the appropriate team so they're aware of this issue.

    Thanks for bringing this to our attention!

    0
  • Hamish Brewster

    Hi all,

    Based on my experience and testing, this does not appear to be an issue with 'Cross site tracking' (I have always had this enabled), but rather corrupted Cookie data.

    If you want to verify this yourself, try logging in with an 'InPrivate/Incognito' window (Shift + Command + N) or clear your cookies via Preferences > Privacy > Manage Website Data.

     

    Steps to Replicate:

    - User receives error message

    - Click link to enable cookies - Nothing happens

    - Clear Cookie data

    - Click link on login page again - Issue resolved

     

    This issue has come and gone over the last year or so but it seems to be here to stay with the lates MacOS Catalina, and has become a daily issue for our users. 

    0
  • Xavier MENEBOODE

    Same problem here since I updated Safari to Version 13.0.4 (14608.4.9.1.4).

    Running macOS Mojave 10.14.6 (18G2022)

    Cross-Site protection is disabled. Cookies are allowed.

    Looking at Safari Console, I see the following error when I click on the Start again connexion option that links to
    https://doxense.zendesk.com/auth/v2/login/set_cookie

    SecurityError: Sandbox access violation: Blocked a frame at "https://doxense.zendesk.com" from accessing a cross-origin frame. The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.

     

    0
  • Brett Bowser
    Zendesk Community Team

    Hey Xavier,

    It looks like this is a known issue with our Dev team currently looking into this. I'll create a ticket on your behalf so we can investigate further.

    Cheers!

    0
  • Alan Hirshberg

    Just wanted to chime in that I'm having the same issue when trying to log in as an agent. This was a problem  in the past but went away with one of the recent Safari updates. I just upgraded my system to OS-X 10.15.2 and the problem returned.

    0
  • Alan Hirshberg

    Another note: Clearing all browser history/cookies does solve the problem. However, I am unwilling to do this. I've deleted the info specifically for entries with "Zen" in them, but that doesn't help. Maybe your site is installing a cookie with a name that doesn't contain "zen?"

    0
  • Оралов, Владимир

    Hello!
    Safari 13.0.4 (15608.4.9.1.3), MacOS 10.15.12
    Same problem for me.
    Cross-Site protection is disabled. Cookies are allowed.
    But at the login page I see the error about cookies.

    0
  • Brett Bowser
    Zendesk Community Team

    Hey Оралов,

    Thanks for taking the time to share this with us! I'm going to bring this into a ticket so our Customer Advocacy team can look into this.

    You'll receive an email shortly stating your ticket has been created.

    Cheers!

    0
  • Janice Fiorenza

    We continue to receive questions from our end users on why they are unable to login using their iPhones etc. The most recent: "I’m getting a browser restricts cookie usage message and to click to restart my sign on which takes me right back to the message. I checked my settings on my phone and Ipad and I am not blocking any cookies. Not sure what to do." We use Zendesk to communicate in a HIPAA supported forum, and if they cannot login to see the comments on the tickets, then what is the work-around besides installing Chrome on their phones/tablets?

    0
  • Brett Bowser
    Zendesk Community Team

    Hey Janice,

    It looks like we have a problem ticket related to this issue. I'm going to create a ticket on your behalf so our Customer Advocacy team can look into this further.

    Cheers!

    0
  • German Mosquera

    Same issue with Safari here. I checked workaround from

    https://support.zendesk.com/hc/en-us/community/posts/115006147787-Disable-3rd-party-cookie-requirement-globally 

    ...but no luck.

    It would be great to know what browser is fully supported with Zendesk and, if Safari is among them it would be great to know an estimated time for a solution.

    Thanks

    0

投稿コメントは受け付けていません。

Powered by Zendesk