• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

As designed Can't Login with cookies disabled

dartho

Active member
#1
If you have cookies blocked, you cannot log into XenForo - no errors are kicked up, it just returns you to the screen you were viewing, still not logged in.
 

Mike

XenForo developer
Staff member
#5
It's a fundamental design decision. The only other option is to stick the session in URLs and that's not an option that we're happy with.
 

Cezz

Well-known member
#6
It's a fundamental design decision. The only other option is to stick the session in URLs and that's not an option that we're happy with.
You could do a test for cookies though right? and at least show an error message stating cookies are required if the test fails?

I totally agree with the not using a SID but if we do that need to explain to people why they can't login also.
 

whynot

Well-known member
#7
It's a fundamental design decision. The only other option is to stick the session in URLs and that's not an option that we're happy with.
Unfortunately the forum users won't be happy with it...
Maybe there is still time to change that design decision.
 

Cezz

Well-known member
#8
Unfortunately the forum users won't be happy with it...
Maybe there is still time to change that design decision.
Or Maybe not... I don't think Session ID's should be in URL's ugly and pointless.. To get the best out of the web these days people need to realise that cookies are NOT evil.
 

whynot

Well-known member
#12
How many people do you know that browse with cookies disabled nowadays? :confused:
I'm not searching-asking.
I know that a few sites' cookies are disabled in my browser.
If I bought XF, in my users browsers they could be disabled fully.
Which actually means that they would not be my forum's users.

No users,I would not need XF at all.
 

dutchbb

Well-known member
#13
You could do a test for cookies though right? and at least show an error message stating cookies are required if the test fails?

I totally agree with the not using a SID but if we do that need to explain to people why they can't login also.
This would be nice, if possible of course. Cookies will also fail to work if the user has nog space left on their cookies folder (which happens sometimes).

An informational message like 'please make sure your browser accepts cookies and there is enough space left to save them' would help.
 

Forsaken

Well-known member
#16
You can,don't worry,XF protects you,they know what's good for you.
Theres this thing called private tabs/private window/privacy browsing/what have you in modern browsers (In most cases), and it does wonders. Basically, it allows you to go stealth, just like an Internet Ninja!

Cookieless browsing adds little in the way of security :).
 

Ryan

Well-known member
#17
I'm okay with requiring cookies, but there definitely needs to be some sort of notification/error message instructing the user to enable cookies when they try to login and they are disabled...Without that, mass confusion ensues
 

Forsaken

Well-known member
#18
I'm okay with requiring cookies, but there definitely needs to be some sort of notification/error message instructing the user to enable cookies when they try to login and they are disabled...Without that, mass confusion ensues
I agree there needs to be a notification at least.