Can't Login to the Forums?

13»

Comments

  • Yeah changing the flag worked for me
    JoshTheBlack
  • Professor_PProfessor_P Colorado
    Changing the flag worked for me as well
    JoshTheBlack
  • Is anybody having issues in any browser that is NOT chrome?

    Can we get some folks to post their Chrome version (Menu > Help > About Google Chrome on desktop; Menu > Settings > About on mobile) and whether they are able to successfully log in currently using it?

    I'm on Version 90.0.4430.85 on Ubuntu, 90.0.4430.91 on android.  Can't log in on either.

    EDIT:  I downgraded Chrome to v 81.0.4044.113 (shot in the dark older version) and was able to log in properly without issue.  I'm gonna play around with different versions and see what happens.  Maybe if I find which version breaks it, it will provide better info on what to look for as a solution.

    EDIT2:  It quits allowing log in with version 89.0.4389.90 for me on Ubuntu.  I dug around in the development log of changes and found some possible leads.  On the current version, I am able to reliably* (3 times in a row so far) log in by changing one of the developer flags.  Can anybody else who can't log in try this on desktop and see if they can log in?

    Type "chrome://flags/#schemeful-same-site" in to the address bar.
    Set the "Schemeful Same-Site" flag to disabled.
    It will tell you to reload, so press the reload button.
    Try to log in.

    If that is a reliable solution, it would seem @Jim and @A_Ron_Hubbard could look in to setting up the forums with SSL, possibly with the same certificate as the main site is hosted?  It is out of my realm of knowledge, but this flag appears to control how Chrome calculates same-siteness.  From skimming, it looks like with it enabled, it considers http and https different sites when it is enabled, and the same site when disabled.  
    Since the forums are hosted without SSL (and when trying to browse via SSL, the certificate is invalid being self-signed by plesk) I think this probably causes the break in how chrome now designates same-siteness for cookies. 

    Can we get a few people to test this?
    Worked for me! Thank you so much!

    JoshTheBlack
  • Worked for me too @JoshTheBlack. Thanks for digging into that and figuring out a fix. 
    JoshTheBlack
  • Changing the flag also worked for me. Chrome Version 90.0.4430.93 on Windows 10. 
    JoshTheBlack
  • bizmarkiefaderbizmarkiefader San Francisco
    I'm glad this is fixing the issue but I'm pretty uncomfortable turning off security features for something as janky as this forum as been.
    JoshTheBlack
  • kuman07kuman07 Kansas City
    Worked for me! This month long quarantine from Bald Move forum has been rough. Feels like I just got my forum vaccine and ready to let loose on here.
    JoshTheBlackDashEngine
  • JoshTheBlackJoshTheBlack Atlanta, GA
    I'm glad this is fixing the issue but I'm pretty uncomfortable turning off security features for something as janky as this forum as been.
    I feel that.  Rest assured that this particular feature is one that Chrome has devised and implemented, but would not be active on other browsers at this time.  It's just a feature that Chrome recently flipped the default from disabled to enabled on.  

    I don't think it's a long term solution.  Chrome tends to implement features, slowly add more users defaulted on, then after a short time of little to no issues, removing the ability to turn it off.  

    Jim and Aron are gonna have to figure out how to comply with that security feature before that happens.
    bizmarkiefader
  • Garthgou81Garthgou81 Placerville, CA
    Worked for me also. Woo hoo. Finally back. 
  • Is anybody having issues in any browser that is NOT chrome?

    Can we get some folks to post their Chrome version (Menu > Help > About Google Chrome on desktop; Menu > Settings > About on mobile) and whether they are able to successfully log in currently using it?

    I'm on Version 90.0.4430.85 on Ubuntu, 90.0.4430.91 on android.  Can't log in on either.

    EDIT:  I downgraded Chrome to v 81.0.4044.113 (shot in the dark older version) and was able to log in properly without issue.  I'm gonna play around with different versions and see what happens.  Maybe if I find which version breaks it, it will provide better info on what to look for as a solution.

    EDIT2:  It quits allowing log in with version 89.0.4389.90 for me on Ubuntu.  I dug around in the development log of changes and found some possible leads.  On the current version, I am able to reliably* (3 times in a row so far) log in by changing one of the developer flags.  Can anybody else who can't log in try this on desktop and see if they can log in?

    Type "chrome://flags/#schemeful-same-site" in to the address bar.
    Set the "Schemeful Same-Site" flag to disabled.
    It will tell you to reload, so press the reload button.
    Try to log in.

    If that is a reliable solution, it would seem @Jim and @A_Ron_Hubbard could look in to setting up the forums with SSL, possibly with the same certificate as the main site is hosted?  It is out of my realm of knowledge, but this flag appears to control how Chrome calculates same-siteness.  From skimming, it looks like with it enabled, it considers http and https different sites when it is enabled, and the same site when disabled.  
    Since the forums are hosted without SSL (and when trying to browse via SSL, the certificate is invalid being self-signed by plesk) I think this probably causes the break in how chrome now designates same-siteness for cookies. 

    Can we get a few people to test this?
    Can confirm that this worked for me.

    chrome://flags/#schemeful-same-site
    Paste that in the address bar, set it to disabled, hit reload, then try and log in.
  • A_Ron_HubbardA_Ron_Hubbard Cincinnati, OH
    I'm glad this is fixing the issue but I'm pretty uncomfortable turning off security features for something as janky as this forum as been.
    I feel that.  Rest assured that this particular feature is one that Chrome has devised and implemented, but would not be active on other browsers at this time.  It's just a feature that Chrome recently flipped the default from disabled to enabled on.  

    I don't think it's a long term solution.  Chrome tends to implement features, slowly add more users defaulted on, then after a short time of little to no issues, removing the ability to turn it off.  

    Jim and Aron are gonna have to figure out how to comply with that security feature before that happens.
    Hey, I appreciate the legwork that you all put into this. Good lord, the hivemind really comes through. I'll go over this with Jim and our developer because if this is indeed a cookie/cert mismatch issue, I think we could get this fixed for minimal cost and time investment.
    bizmarkiefader
  • MichelleMichelle California
    It worked for me too!
    @JoshTheBlack you are a(n) (inter)national f'ing treasure.


    JoshTheBlacktom_g
  • Thanks to tech support @JoshTheBlack , chrome is a go for me again - no more edging.

Sign In or Register to comment.