[Webkit-unassigned] [Bug 183245] New: [GTK] Unable to login to some websites because cookies are rejected

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Mar 1 06:53:22 PST 2018 

https://bugs.webkit.org/show_bug.cgi?id=183245

            Bug ID: 183245
           Summary: [GTK] Unable to login to some websites because cookies
                    are rejected
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: lantw44 at gmail.com
                CC: bugs-noreply at webkitgtk.org

This problem can be found in both WebKitGTK+ 2.19.91 and svn trunk r229066. I am unable to login to FreeBSD Bugzilla and Phabricator with Epiphany because of the problem.

Steps to reproduce on FreeBSD Bugzilla:

1. Open https://bugs.freebsd.org.
2. Right-click on the page and choose 'Inspect Element'. Switch to the 'Storage' tab to see cookies.
3. Type email address and password to login. The login is successful, but no cookie is set.
4. Click 'New' on the page, and you will be asked to login again.

This is very inconvenient because I have to type password for every single operation.

Steps to reproduce on Phabricator:

1. Open https://reviews.freebsd.org. It is not specific to FreeBSD Phabricator. You can use other sites to test.
2. Right-click on the page and choose 'Inspect Element'. Switch to the 'Storage' tab to see cookies.
3. Click 'Log in' and type something in the login page. You don't need an account to reproduce the issue.
4. Phabricator refuses to check anything you submitted and show the following message.

Unhandled Exception ("AphrontMalformedRequestException")

You are trying to save some data to Phabricator, but the request your browser made included an incorrect token. Reload the page and try again. You may need to clear your cookies.
This was a Web request.
This request had an invalid CSRF token.

This makes it impossible to login. It is especially problematic for internal or private installation of Phabricator because they don't allow anonymous access.

Both issues can be worked around by setting the cookie policy to 'always accept' in Epiphany.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180301/32ee0dad/attachment.html>

More information about the webkit-unassigned mailing list