Social Signup: Handle the case where users block third-party cookies/data

[pento]

This pull request addresses #13553 by disabling the Google signup button, and showing an error message, when 3rd party cookies are disabled:

Testing instructions

1. Run git checkout fix/13553-signup-3rd-party-cookies and start your server, or open a live branch
2. Open the Social Signup page
3. Check that the "Continue with Google" button is enabled, and there is no error message.
4. In your browser settings, enabled the "Block third-party cookies" setting.
5. Refresh the Social Signup page.
6. Check that the "Continue with Google" button is disabled, and there is an error message.

Reviews

• Code
• Design
• Product

[matticbot]

Test live: https://calypso.live/?branch=fix/13553-signup-3rd-party-cookies

[pento]

I just hacked in some CSS for the error message, I would appreciate a pointer as to what CSS rules I should actually be using. :-)

[gziolo]

It should be initialised to either null or an empty string ``.

[gziolo]

Can it be initialized more than once? If not then we can remove this state change.

[pento]

Yep, initialize() can be called multiple times - this.initialized won't be set until the gapi instance is properly initialised.

[gziolo]

It can be simplified to:

const buttonDisabled = Boolean( this.state.error );

[gziolo]

@Tug should we return rejected Promise in this case, too?

[Tug]

Yes, I believe we can simply remove that return statement.

[pento]

If i removed the return null, the console shows a JS error:

Object {error: "idpiframe_initialization_failed", details: "Failed to read the 'localStorage' property from 'Window': Access is denied for this document."}

[Tug]

I think it's fine to show an error in the console here. if we want to hide it in a debug() call for instance, that should be done by calling catch on the promise returned by this.initialize().

[gziolo]

I just hacked in some CSS for the error message, I would appreciate a pointer as to what CSS rules I should actually be using. :-)

I guess it needs some tweaks :)

I left my comments, those are only nitpicks. It works as advertised. Let's hear from designers before we merge this one.

[fabianapsimoes]

I wonder if we could be more proactive about this, and display the error message without a click? It's not a big issue if it's going to mean a lot more work, but it'd be nicer to disable the social buttons from start if they can't be used.

Also, since we're on signup, the copy should probably say "or sign up with an email address" instead of "or log in with an email address".

cc @breezyskies for design input. I'm not sure I've seen errors associated with buttons displayed like we're doing in this PR. I suppose we usually go with a notice in cases like this?

[fabianapsimoes]

Also, since we're on signup, the copy should probably say "or sign up with an email address" instead of "or log in with an email address".

Updated this with 61efbdd.

[breezyskies]

I'm not sure I've seen errors associated with buttons displayed like we're doing in this PR. I suppose we usually go with a notice in cases like this?

Correct, this would need to be a notice. Given the length of the copy, I don't think we can use global notices in this case, so would need to be the standard notice component.

[Tug]

I wonder if we could be more proactive about this, and display the error message without a click?

It's already the case, the lib is loaded when the component mounts. I tested it and it seems to work.

[gziolo]

Yes, there is no need to click anything.

[breezyskies]

The downside of that is we're showing an error message to someone who might not even choose to use social signup.

[fabianapsimoes]

Yes, there is no need to click anything.

Hm... Weird, I must have missed something while testing 🤔

Anyway, now that we're talking about using a notice, I have the same concern as Brie. The notice is quite prominent with its size and color, and might distract users from their actual goals (or just generally cause confusion since third-party cookies are not familiar to all users).

Maybe the best would be to indeed only display the error on click.

[gziolo]

What do you think about disable state with tooltip? We could add a small red icon indicating some error inside the button.

[davewhitley]

Color can only use one of our color variables, in this case $alert-red

[davewhitley]

Can be shortened to margin: 0 10px 10px; I believe

[davewhitley]

A lot of this text is superfluous.

But, focusing on just the error text:

• Shouldn't be red
• Google logo should also looked disabled
• Probably shouldn't even be there unless they click on the disabled button. Reason is that we don't want to distract users who don't even want to sign up with Google.

I would clean up all of the text I pointed to in the screenshot by doing this:

Or create an account using a social profile. We'll never post without your permission.

[google button disabled state]

Please enable "third-party cookies" to connect your Google account.

[facebook button]

cc @ranh for the shortened error text I wrote

[ranh]

Nice improvement on that cookies notice @drw158, 👍

Your suggestion also removes "Connect to your existing social profile to get started faster". This sentence is meant to provide additional context for users who will not immediately understand the function or benefit of the "social" buttons. I don't think it's superfluous, so I think we should keep it.

[a8ci18n]

😞 17 existing translations will be lost with this change.

[drewblaisdell]

LGTM. 👍

[drewblaisdell]

Actually, we need to fix the tests first. :) I rebased and they are failing due to the import of Popover in social-buttons/google.js.

[pento]

That this can even happen is... less than optimal. 🙃

[yurynix]

Another option is:

import classNames from 'classnames';
classNames( 'social-buttons__button', 'button', { disabled: this.state.error } );

[pento]

So many magic functions. 😁

[yurynix]

Code looks 👍 It works for me in Chrome when I disable "third party cookies" 👍 All tests pass 👍
IMO lets 🚢 it