The Corsair User Forums  

Go Back   The Corsair User Forums > Customer Service > Warranty and RMA Questions

Notices

Reply
 
Thread Tools Search this Thread Rate Thread Display Modes
  #1  
Old 05-29-2020, 01:41 AM
Louiscar Louiscar is offline
Registered User
 
Join Date: Jul 2016
Posts: 32
POST ID # = 1048397
Louiscar Reputation: 10
Default Support site a mess - Can't sign in

I posted probably in the wrong place.
There is clearly a problem that many people seem to have including me.

When I try to sign in to the support site I get a completely blank screen!
Clicking on the sign in link shown in screen1 results in the following blank page and weird url. (screen2)

This happens on Chrome / Firefox and IE.

The url that does nothing is this:

Code:
https://federation.corsair.com/loginproxy.html?brand_id=360001166351&mode=login&samlContext=2bac26a4-f9a8-40cb-8ebf-ea235e652a66&spName=Zendesk
The page source is this:

Code:
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta charset="utf-8" />
    <title>Login Proxy</title>
	<script src="https://cdns.gigya.com/js/gigya.saml.js?apiKey=3_oLsX7YDx5z72XiaFCUPKnBwoy_Tq1cODFULgRaRALXBpnZ0LZ2jzlevl8Fc_0Kpz">
    {
        loginURL:"https://federation.corsair.com/login.html",
        logoutURL: "https://federation.corsair.com/logout.html"
    }
    </script>
</head>
<body>
This has been going on for ages and no one seems to have the will to find out or explain how anyone is expected to get into the support site.
I really don't understand why the web developers couldn't just do something simple like other support sites because when this is reported nothing is done about it.
Attached Images
File Type: jpg screen1.jpg (183.5 KB, 7 views)
File Type: jpg screen2.jpg (54.5 KB, 7 views)
Reply With Quote
  #2  
Old 05-29-2020, 04:19 AM
Martygj Martygj is offline
Registered User
 
Join Date: May 2020
Posts: 0
POST ID # = 1048417
Martygj Reputation: 10
Default

Suggest to change your web browser settings to accept Third Party Cookies.

Terrible setup for Corsair web pages.
Reply With Quote
  #3  
Old 05-29-2020, 04:28 AM
Louiscar Louiscar is offline
Registered User
 
Join Date: Jul 2016
Posts: 32
POST ID # = 1048419
Louiscar Reputation: 10
Default

Quote:
Originally Posted by Martygj View Post
Suggest to change your web browser settings to accept Third Party Cookies.

Terrible setup for Corsair web pages.
Thanks for the suggestion however, this isn't the reason. In Firefox I know I have that turned on but on Chrome and IE it is off and it makes no difference.

.. and yes I agree the web design and implementation is atrocious
Reply With Quote
  #4  
Old 05-29-2020, 09:20 AM
casinca casinca is offline
Registered User
 
Join Date: May 2020
Posts: 0
POST ID # = 1048458
casinca Reputation: 10
Default

I was currently checking the forum for that problem, thought it was me but seems widespread.

Also seeing all these threads concerning slow reactivity of their support team, damn doesn't bode too well...
Reply With Quote
  #5  
Old 05-29-2020, 12:21 PM
Technobeard's Avatar
Technobeard Technobeard is offline
Bearded Corsair Employee
 
Join Date: Oct 2012
Posts: 4,320
POST ID # = 1048497
Technobeard Reputation: 68
Default

Quote:
Originally Posted by Louiscar View Post
This has been going on for ages and no one seems to have the will to find out or explain how anyone is expected to get into the support site.
Quote:
Originally Posted by casinca View Post
I was currently checking the forum for that problem, thought it was me but seems widespread.
It's working fine for me and I haven't heard of any login issues outside of this thread. When did this first start for you two and are you still having it?


Quote:
Originally Posted by Louiscar View Post
I really don't understand why the web developers couldn't just do something simple like other support sites because when this is reported nothing is done about it.
Are you saying you've reported it outside of this thread? If so, how?
Reply With Quote
  #6  
Old 05-29-2020, 12:58 PM
casinca casinca is offline
Registered User
 
Join Date: May 2020
Posts: 0
POST ID # = 1048504
casinca Reputation: 10
Default

Quote:
Originally Posted by Technobeard View Post
It's working fine for me and I haven't heard of any login issues outside of this thread. When did this first start for you two and are you still having it?


Are you saying you've reported it outside of this thread? If so, how?
Happened since yesterday when i was trying to create a ticket. Anyways, it's funny because now it's suddenly working. Not sure if it's thanks to you or not but now it's good for me
Reply With Quote
  #7  
Old 05-29-2020, 02:21 PM
Louiscar Louiscar is offline
Registered User
 
Join Date: Jul 2016
Posts: 32
POST ID # = 1048520
Louiscar Reputation: 10
Default

Quote:
Originally Posted by Technobeard View Post
It's working fine for me and I haven't heard of any login issues outside of this thread. When did this first start for you two and are you still having it?


Are you saying you've reported it outside of this thread? If so, how?
Well it happens with me and having removed the contents of my host file I see it progresses. What's in the host file is a downloaded list of mal urls and bad ad / tracking sites and I really see no reason why a site like Corsair would have any issue with anything blocked there.

I reported this to Sonny Fernandez (Corsair) when I managed to log in on my tablet and report a K95 issue. He didn't appear interested in the problem.

Either way if my host file is the issue, it shouldn't be due to the fact that everything in there is to do with bad urls that no one wants or should visit.
Reply With Quote
  #8  
Old 05-29-2020, 02:47 PM
Technobeard's Avatar
Technobeard Technobeard is offline
Bearded Corsair Employee
 
Join Date: Oct 2012
Posts: 4,320
POST ID # = 1048524
Technobeard Reputation: 68
Default

Quote:
Originally Posted by casinca View Post
Happened since yesterday when i was trying to create a ticket. Anyways, it's funny because now it's suddenly working. Not sure if it's thanks to you or not but now it's good for me
Nope, nothing changed on our end.


Quote:
Originally Posted by Louiscar View Post
Well it happens with me and having removed the contents of my host file I see it progresses. What's in the host file is a downloaded list of mal urls and bad ad / tracking sites and I really see no reason why a site like Corsair would have any issue with anything blocked there.

Either way if my host file is the issue, it shouldn't be due to the fact that everything in there is to do with bad urls that no one wants or should visit.
Depends on their definition of bad urls or ad/tracking sites. This wouldn't be the first time I've seen SSO providers on these types of lists.
__________________
“Humor is reason gone mad.” - Groucho Marx
"I suggest a full frontal assault with automated laser monkeys, scalpel mines and acid." - Psychotic potato dwarf
"Do not meddle in the affairs of wizards, especially simian ones. They are not all that subtle." - Terry Pratchett
Reply With Quote
  #9  
Old 05-29-2020, 05:59 PM
Louiscar Louiscar is offline
Registered User
 
Join Date: Jul 2016
Posts: 32
POST ID # = 1048545
Louiscar Reputation: 10
Default

Quote:
Originally Posted by Technobeard View Post
Nope, nothing changed on our end.


Depends on their definition of bad urls or ad/tracking sites. This wouldn't be the first time I've seen SSO providers on these types of lists.
Well quite happy to send you the host file contents if you think there is a problem that causes Corsair support to have an issue with. If you'd like me to do that I would certainly be interested in knowing what the url is and why it should stop someone login in to a simple support site.

Frankly there should be nothing a web developer conjuours up that depends on bad sites not being blocked. This includes google analytical data gathering btw Which many people choose to block as a basic right. None of that should break a bad site.

What does break a bad site is a developer creating some kind of complex interaction for what should simply be a form to accept UID and Password, without resulting to any external conditions. How difficult is that ??

... and I have searched for any keyword existing in that url that relates in any way shape or form to an entry in the host file so yes a simple UID / Password form fails to display for complex so far unexplained reasons.

Last edited by Louiscar; 05-29-2020 at 06:08 PM.
Reply With Quote
  #10  
Old 05-29-2020, 08:38 PM
Technobeard's Avatar
Technobeard Technobeard is offline
Bearded Corsair Employee
 
Join Date: Oct 2012
Posts: 4,320
POST ID # = 1048560
Technobeard Reputation: 68
Default

Sure, PM me whatever you have and I'll take a look at it.
__________________
“Humor is reason gone mad.” - Groucho Marx
"I suggest a full frontal assault with automated laser monkeys, scalpel mines and acid." - Psychotic potato dwarf
"Do not meddle in the affairs of wizards, especially simian ones. They are not all that subtle." - Terry Pratchett
Reply With Quote
  #11  
Old 05-29-2020, 10:10 PM
Louiscar Louiscar is offline
Registered User
 
Join Date: Jul 2016
Posts: 32
POST ID # = 1048577
Louiscar Reputation: 10
Default

Quote:
Originally Posted by Technobeard View Post
Sure, PM me whatever you have and I'll take a look at it.
ok although I have PM'd you I didn't see a way to attach the host file so I am including it here for your attention.
Attached Files
File Type: zip hosts.zip (64.8 KB, 3 views)
Reply With Quote
  #12  
Old 05-30-2020, 12:42 AM
Technobeard's Avatar
Technobeard Technobeard is offline
Bearded Corsair Employee
 
Join Date: Oct 2012
Posts: 4,320
POST ID # = 1048586
Technobeard Reputation: 68
Default

Your host file is blocking the SSO. The URL's right in the page source you copied in the OP.
__________________
“Humor is reason gone mad.” - Groucho Marx
"I suggest a full frontal assault with automated laser monkeys, scalpel mines and acid." - Psychotic potato dwarf
"Do not meddle in the affairs of wizards, especially simian ones. They are not all that subtle." - Terry Pratchett
Reply With Quote
  #13  
Old 05-30-2020, 02:25 AM
Louiscar Louiscar is offline
Registered User
 
Join Date: Jul 2016
Posts: 32
POST ID # = 1048591
Louiscar Reputation: 10
Default

Quote:
Originally Posted by Technobeard View Post
Your host file is blocking the SSO. The URL's right in the page source you copied in the OP.
Ok .. cdns.gigya.com I hadn't checked that script line obviously.
Gigya.com has iffey practices and so that is why it is in a lot of block lists.
eg. Ethical violations and ..

"Used by several large marketing companies this site collects personally identifiable data in order to help create a profile for customers to help with targeted ads etc. The fact that j avascript originating from this site is used by many others to implement cross-site "social login" strongly suggests identity/privacy risks... consider the data these sites can aggregate and cross-link from multiple sources. "

https://better.fyi/trackers/gigya.com/

Disappointed that Corsair are party to using such dubious data mining services and in doing so it would appear deliberate as they are taking advantage of that data themselves no doubt.
No wonder there are others (google " can't log in to corsair"), that complain, they probably also got block lists for their host files because not Everyone wants to p*ss away their privacy.
Reply With Quote
  #14  
Old 05-30-2020, 07:28 PM
Technobeard's Avatar
Technobeard Technobeard is offline
Bearded Corsair Employee
 
Join Date: Oct 2012
Posts: 4,320
POST ID # = 1048647
Technobeard Reputation: 68
Default

Quote:
Originally Posted by Louiscar View Post
Ok .. cdns.gigya.com I hadn't checked that script line obviously.
Gigya.com has iffey practices and so that is why it is in a lot of block lists.
eg. Ethical violations and .. https://better.fyi/trackers/gigya.com/
Looks like better.fyi added that page 10 months ago. They link to a definition of "ethical design" and say that Gigya's violation of this is: "Tracker: monetises you". That's it. I don't see any discussion on this or evidence of it.


Quote:
Originally Posted by Louiscar View Post
"Used by several large marketing companies this site collects personally identifiable data in order to help create a profile for customers to help with targeted ads etc.
...
The fact that j avascript originating from this site is used by many others to implement cross-site "social login" strongly suggests identity/privacy risks... consider the data these sites can aggregate and cross-link from multiple sources. "
Looks like those are from 2 people's reviews on Web of Trust's site in 2015.


https://en.wikipedia.org/wiki/Single_sign-on
Quote:
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent, software systems.
Our SSO system is used so that you only need one login for our webstore and support portal. When you create an SSO account on those platforms, it requires you to accept Corsair's Terms and Conditions as well as Privacy Policy, and of course it give you links directly to them.


Quote:
Originally Posted by Louiscar View Post
Disappointed that Corsair are party to using such dubious data mining services and in doing so it would appear deliberate as they are taking advantage of that data themselves no doubt.
If you don't want to consent to the Terms and Conditions and/or Privacy Policy - don't. Creating a login is totally optional. The web store has guest checkout, and the support portal allows you to create tickets without logging in.


Quote:
Originally Posted by Louiscar View Post
No wonder there are others (google " can't log in to corsair"), that complain, they probably also got block lists for their host files because not Everyone wants to p*ss away their privacy.
Googling that got me 4 results. 2 are for a college's website, one is for your post, and the last is a forum post from 2 months ago. Not enough info in their post to guess what their issue was.
__________________
“Humor is reason gone mad.” - Groucho Marx
"I suggest a full frontal assault with automated laser monkeys, scalpel mines and acid." - Psychotic potato dwarf
"Do not meddle in the affairs of wizards, especially simian ones. They are not all that subtle." - Terry Pratchett
Reply With Quote
  #15  
Old 05-30-2020, 11:46 PM
Louiscar Louiscar is offline
Registered User
 
Join Date: Jul 2016
Posts: 32
POST ID # = 1048661
Louiscar Reputation: 10
Default

Quote:
Originally Posted by Technobeard View Post
Looks like better.fyi added that page 10 months ago. They link to a definition of "ethical design" and say that Gigya's violation of this is: "Tracker: monetises you". That's it. I don't see any discussion on this or evidence of it.

Looks like those are from 2 people's reviews on Web of Trust's site in 2015.
Well yes - Ethical design also includes the lack of transparent data gathering, personal identifiable data collection etc. Gigya may or may not do all of those but they have been deemed suspicious in several privacy arenas

https://www.mywot.com/scorecard/gigy...-2?sort=newest
This is one of the trustable sources to get the host list from
https://someonewhocares.org/hosts/

Ghostery on Firefox even after commenting out the Gigya line stops the sign in, why ? because it deems it to be a breach of privacy.

So it's probably better to be safe even if there is conflicting views on this.

Quote:
Originally Posted by Technobeard View Post

https://en.wikipedia.org/wiki/Single_sign-on
Our SSO system is used so that you only need one login for our webstore and support portal. When you create an SSO account on those platforms, it requires you to accept Corsair's Terms and Conditions as well as Privacy Policy, and of course it give you links directly to them.
All very well in theory but in practice - what else do I need this SSO for? - it's only valid for the Corsair support site / store and no other uid / password will sign me in anywhere else including this forum. Why then would you want to share this data with 3rd parties? I really don't get it (actually I do). Are you saying that your web developers don't know how to implement a single sign in for people that use areas of your site without resorting to outsourcing?


Quote:
Originally Posted by Technobeard View Post
If you don't want to consent to the Terms and Conditions and/or Privacy Policy - don't. Creating a login is totally optional. The web store has guest checkout, and the support portal allows you to create tickets without logging in.
Well not everyone spends hours trawling through terms and conditions - perhaps I should go and read them to see if it does mention using our data in ways we might not expect it to be used.

I tend to trust (perhaps too much) companies like this where support sites are key and I also tend to register products where there is a way to do so for warranty purposes. That usually means a sign in and usually companies that do create accounts have a duty of care with our data. I'm not suggesting that Corsair has violated that duty but at this point I simply don't know.

Quote:
Originally Posted by Technobeard View Post
Googling that got me 4 results. 2 are for a college's website, one is for your post, and the last is a forum post from 2 months ago. Not enough info in their post to guess what their issue was.
Well actually I see at least 5 just for the term "Corsair can't sign in" and as you can see from the dates none of them are for my post. Attached.

I am making the point that a support site should be a smooth experience. Usually SSO is an optional affair, I assume the typical "sign on with Google or Facebook" you see is another implementation of that. But a normal sign in would be appreciated as an alternative to those and no other company or companies should be party to that data, it's users habits or anything else.

For now let's leave it at that, I hear what you are saying and it has been duly noted. I will decide on whether, when or how I need to contact Corsair support in the future should I need to but at least now I know what the problem was and can work around it.
Attached Images
File Type: jpg signin.jpg (218.7 KB, 2 views)
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 05:04 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.