As designed Can't Login with cookies disabled

dartho

Active member
If you have cookies blocked, you cannot log into XenForo - no errors are kicked up, it just returns you to the screen you were viewing, still not logged in.
 
It's a fundamental design decision. The only other option is to stick the session in URLs and that's not an option that we're happy with.
 
It's a fundamental design decision. The only other option is to stick the session in URLs and that's not an option that we're happy with.

You could do a test for cookies though right? and at least show an error message stating cookies are required if the test fails?

I totally agree with the not using a SID but if we do that need to explain to people why they can't login also.
 
It's a fundamental design decision. The only other option is to stick the session in URLs and that's not an option that we're happy with.

Unfortunately the forum users won't be happy with it...
Maybe there is still time to change that design decision.
 
Unfortunately the forum users won't be happy with it...
Maybe there is still time to change that design decision.

Or Maybe not... I don't think Session ID's should be in URL's ugly and pointless.. To get the best out of the web these days people need to realise that cookies are NOT evil.
 
How many people do you know that browse with cookies disabled nowadays? :confused:

I'm not searching-asking.
I know that a few sites' cookies are disabled in my browser.
If I bought XF, in my users browsers they could be disabled fully.
Which actually means that they would not be my forum's users.

No users,I would not need XF at all.
 
You could do a test for cookies though right? and at least show an error message stating cookies are required if the test fails?

I totally agree with the not using a SID but if we do that need to explain to people why they can't login also.
This would be nice, if possible of course. Cookies will also fail to work if the user has nog space left on their cookies folder (which happens sometimes).

An informational message like 'please make sure your browser accepts cookies and there is enough space left to save them' would help.
 
You can,don't worry,XF protects you,they know what's good for you.
Theres this thing called private tabs/private window/privacy browsing/what have you in modern browsers (In most cases), and it does wonders. Basically, it allows you to go stealth, just like an Internet Ninja!

Cookieless browsing adds little in the way of security :).
 
I'm okay with requiring cookies, but there definitely needs to be some sort of notification/error message instructing the user to enable cookies when they try to login and they are disabled...Without that, mass confusion ensues
 
I'm okay with requiring cookies, but there definitely needs to be some sort of notification/error message instructing the user to enable cookies when they try to login and they are disabled...Without that, mass confusion ensues
I agree there needs to be a notification at least.
 
Top Bottom