Confirm compatibility with new SameSite cookie rules
Avoid fake accounts to participate
(Sorry for the non-native English). Fake accounts seems to be a big issue because we pay for users. The system should have some kind of filter (captcha + IP list + ... I don't know) to avoid automatically shill, fake and socket puppets accounts. I am reporting this as bug and not feature request because it affects negatively an account spending.
Closing modal moves scroll position
If you open the any modal (edit comment, image viewer, etc), then closing it will jump the scroll position back to the top of the screen. Subtle but annoying.
Intercom modal loses text if you click off it
The text doesn't persist if you click off the modal, maybe to copy text from another window, so you need to either write the post or collate it in another application.
Widget doesn't work on Brave browser
It looks that Brave doesn't allow to access the `sessionStorage`. More information here: https://community.brave.com/t/multiple-websites-not-functioning-due-to-cookies-or-sessionstorage-issues/70839 Example: https://kitsu.io/feedback/feature-requests/
Notifications on same page don't refresh
If you're on a post and get a notification regarding that same post and click on it, nothing happens (probably because react-router or whatever routing system sees that it's on the same page). The expected behavior would be that the pages refreshes or that the comment appears in real time using Web Sockets or something like that.
Make SSO redirect work with third party cookies disabled
With both Chrome and Safari, Canny doesn't appear to work. It continues to display the login page when already logged in.
I have turned on single sign-on with private boards so users must log in to our application to see Canny. We are also using a custom domain. The redirect URL that Canny uses in the single sign-on flow is the canny.io URL instead of our custom domain.
Fix widget for users with third party cookies disabled
They should be able to view (and potentially use?) the widget even with third party cookies disabled. I think this will probably only work with SSO, because we'll need cookies otherwise.