As documented in numerous posts on these forums, currently it is impossible to log into Sketchup Web unless traffic to a third party content site that is not required for Sketchup to function is allowed to byapss security software. Specifically, if traffic to cdn.cookielaw.org is being blocked then the Sketchup login page will refuse to show the username and password entry windows.
This reminds me of a wifi camera I purchased on Amazon a couple of years ago where I discovered that blocking access to a few IP addresses registered to some Canadian university would cause the cameras to disable themselves. Of course I returned the cameras due to their shady and unsafe behavior. It’s a shame that Trimble would indulge in similar business practices, and based on recent European legislation this is probably illegal behavior there, although it is allowed in the USA.
So as the title says, when will this be fixed so that Sketchup for Web is usable again without bypassing normal network security features?
The “traffic” loads a Javascript file from CookieLaw servers for the OneTrust stub object, which is necessary to comply with Privacy Laws in California, the EU and elsewhere.
While I am no expert on the fine print in data privacy laws, I think I can confidently challenge the claim that any law currently in existence in California, the EU, or anywhere else states that Javascript files on CookieLaw servers must be accessible for a website to be in compliance.
If, on the other hand, there is a compliance requirement that Trimble is choosing to outsource to Cookielaw as a third party vendor, then that should be openly stated and certainly should not require sleuthing beyond the capabilities of the average user to identify why the website is broken.
I still think that ‘bug’ is a valid label for one site failing to function because a separate undocumented site is not accessible.
Okay. I probably did not say that quite right. I did not mean that the LAW required the cookielaw service specifically.
I meant that Trimble choose to use this service and “requires” it as part of the function of their secure login and (as they see it or the service claims) to meet the privacy requirements in the LAW.
I’m going to edit my previous reply and instead use the word “necessary”.
Now, I think the reason the JS object is loaded from cookielaw.org servers is so it is auto-updating. (There was text to this effect on their website.)
Now, Trimble could (if they desire so,) put the file on their server and have it load from there. But then they would have to manually update it whenever there was a change in the code.
Which is why I posted the above links so users could become informed.
Trimble SketchUp websites also use Google Analytics, but they do not advertise this either. They often refer to “implementation details” which they believe should not (as a policy) be openly shared with the public. The reason having been said, is that these details change as the products mature and they do not wish to make these “details” a contract with the users. Doing so would inhibit their ability to improve the products. (I’ve paraphrased, but this the “gist” of what they’ve said. I’ve not always agreed with this position on certain “details”. But I can live with it most times.)
Well, we shall disagree on this. It works fine for me.