XF 2.1 Logged in users getting 'Cookies are required to use this site' a couple of times a day
- Thread starter HJW
- Start date
It's not a known issue, no, but also not likely to be a bug, either.
On the occasions where we have seen this it has been a situation whereby the site is available on multiple URLs, e.g. a http:// and a https:// version.
I can't reproduce that on your site but certainly worth reviewing whether you have any URL redirections, such as from an old domain to a new domain. If you aren't already, the best way of doing that isn't necessarily through nginx or Apache redirection/rewrite rules but instead by enabling the "Board URL canonicalization" option in XF.
There may be other situations where this might occur but that's the most common one.
Simply put, the request to the web server isn't including the relevant cookies so it may break things like CSRF token validation or make it appear as though the user is logged out.
On the occasions where we have seen this it has been a situation whereby the site is available on multiple URLs, e.g. a http:// and a https:// version.
I can't reproduce that on your site but certainly worth reviewing whether you have any URL redirections, such as from an old domain to a new domain. If you aren't already, the best way of doing that isn't necessarily through nginx or Apache redirection/rewrite rules but instead by enabling the "Board URL canonicalization" option in XF.
There may be other situations where this might occur but that's the most common one.
Simply put, the request to the web server isn't including the relevant cookies so it may break things like CSRF token validation or make it appear as though the user is logged out.
Thanks @Chris D , I thought it might be something to do with HTTP / https as had similar years ago, but all the redirects appear to have been working fine for a long time and I've checked all the people having it are on the HTTPS.
I don't think its' a bug with XF, but it's interesting that it's started happening to multiple users on safari in the last week. I thought maybe apple had updated something that's causing cookie issues.
Is there any way I can debug or output more on the cookie error page to try and see what's gone wrong?
I don't think its' a bug with XF, but it's interesting that it's started happening to multiple users on safari in the last week. I thought maybe apple had updated something that's causing cookie issues.
Is there any way I can debug or output more on the cookie error page to try and see what's gone wrong?
When they experience the error, definitely ask them to copy the address in the Safari address bar and paste it to you. It may look to them like the normal URL but it might be worth looking at it more closely just in case it indicates that a redirect hasn't occurred as expected.
Worth too analysing what they were doing before the error happened, i.e. were they on a specific page, just browsing, making a post etc.
Would these users be using a stable version of macOS and/or iOS or development preview/betas of Safari etc?
There is a new feature in iOS and macOS that can mask a user's IP address but it would only be available in development previews at this stage but we wouldn't expect this to cause issues with anything.
Worth too analysing what they were doing before the error happened, i.e. were they on a specific page, just browsing, making a post etc.
Would these users be using a stable version of macOS and/or iOS or development preview/betas of Safari etc?
There is a new feature in iOS and macOS that can mask a user's IP address but it would only be available in development previews at this stage but we wouldn't expect this to cause issues with anything.
AndyB
Well-known member
Similar threads
- Question
- Question
- Question
