Fixed Microsoft Edge Problem

[RSI]

Affected version

2.0.4

Hi,

My Xenforo 2 installation seems to have a problem trying to log in or register when using Microsoft Edge browser.

What's going on with that? I get the error below...

Oops! We ran into some problems.

Security error occurred. Please press back, refresh the page, and try again.

 

[Chris D]

Just your XF2 installation, or can you reproduce the issue when logging in here too?

 

[RSI]

Yep, the exact same thing happens here, I just tried it. When you try to click on the Login or Register tabs it comes up with the error.
.

 

[RSI]

And here is the version I have on this PC.

Microsoft Edge 40.15063.674.0
Microsoft EdgeHTML 15.15063
.

 

[RSI]

And here is the screenshot of what I get after clicking the log in tab here at https://xenforo.com/community/


.

 

[imno007]

I can't reproduce it on latest Edge.

Microsoft Edge 41.16299.248.0
Microsoft EdgeHTML 16.16299

 

[RSI]

I have no way to upgrade to the latest version, this is a work computer. Everything works fine with Firefox, etc. but my version of Edge has the issue and needs to be corrected.
.

 

[imno007]

I have no way to upgrade to the latest version, this is a work computer. Everything works fine with Firefox, etc. but my version of Edge has the issue and needs to be corrected.
.

Never said it didn't. Just thought it might be useful info to know that it's possibly only a problem with your version or earlier.

 

[RSI]

Never said it didn't. Just thought it might be useful info to know that it's possibly only a problem with your version or earlier.

Oh, I figured it out. By default Edge is set with the default to Block all cookies. I just changed it to Block only third party cookies and Don't block all cookies and both of those settings make it work.

Why would having it set to Block all cookies stop the Log in and Registration tabs from working. Are cookies needed for that to function? Some people never change that default setting and never allow cookies so how would they ever be able to log in or even register?

What happens on yours if you go into Edge's Advanced Settings and set it to Block all cookies? Do you get the error then with your version?
.

 

[imno007]

Edge isn't set to block all cookies by default. You said you are using it at work, so I would guess your employer did it. Yes, you need cookies enabled to login, although I suppose a more specific error message that you need to have cookies enabled would be helpful - but then they might have a good reason for not doing so. Anyway, how would the site know who you are without cookies? How would user permissions work without them? You don't have to log in, but you won't be able to access customer sections without doing so.

 

[RSI]

I agree, but you might get visitors who when they see the error message might go away because when they see the message they might think something is wrong with your site’s security, etc.

They either need to fix the message for that and make it say you must enable cookies or just make it ignore it when they have them disabled, even if they have problems staying logged in and etc.
.

 

[imno007]

I agree, but you might get visitors who when they see the error message might go away because when they see the message they might think something is wrong with your site’s security, etc.

They either need to fix the message for that and make it say you must enable cookies or just make it ignore it when they have them disabled, even if they have problems staying logged in and etc.
.

Again, maybe not the best default warning/alert, but for your own site you can easily change it. Just go into your admin and search for "Oops," click on "oops_we_ran_into_some_problems" and change the phrase text.

 

[RSI]

Again, maybe not the best default warning/alert, but for your own site you can easily change it. Just go into your admin and search for "Oops," click on "oops_we_ran_into_some_problems" and change the phrase text.

Yeah that's easy, but how many other types of errors display that exact same message? I'm guessing it's with more than just this one. I think it would be better to have a separate message just for when someone has their cookies disabled when they try to log in or register if there is a way to detect it.
..

 

[imno007]

There's one phrase that can be triggered on login and one on registration, and besides the cookies thing the only likely reason a user would see either, as far as I know, would be because of a server side issue, maybe a redirection or cache problem. But in the end you could just get creative and word the phrases to cover several things the users might want to check if they're seeing the alert, like "If you're seeing this alert, please make sure you have cookies enabled and/or refresh your page. If that doesn't work, please contact an admin." Or whatever. Best advice I can give you.

 

[RSI]

Here's the thing with all of this though, Edge is different. I just blocked all cookies using Safari and Firefox and it lets me try to login. It comes up with login page but not the overlay. It lets me try to login, but comes up with a blue message that says...

• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Well, Edge wont even get that far so something about it is different.
.

 

[captainmatt29]

While it's inconvenient this isn't an issue for developers to fix nor is it a bug its just the browsing restrictions imposed by your company's internet policy rules.

 

[Chris D]

All we can really do is display a more clear error message when cookies are blocked. FWIW, the code should run regardless of browser (certainly does in Chrome as well as Edge) and there isn't any code that would bypass the overlay. That could indicate issues with JavaScript in the browsers where you experienced that.

The error message in this case will now be:

Cookies are required to use this site. You must accept them to continue using the site.