On 03/12/11 02:06, Jeffrey T. Darlington wrote:
I know you guys are probably getting tired of seeing my name appear on this list by now, but I've run into yet another 1.18.0 upgrade issue. After lots of debugging over at the Bugzilla site, I finally found out my custom skin was the cause of most of my 500 server errors. I now have 1.18.0 running successfully, complete with my own custom skin (now properly derived from MonoBook rather than the hack job I did earlier).
Only... now I can't log in.
Every time I attempt to log in I receive the following cryptic error:
Login error
<nocookiesforlogin>
That's strange. Do you have the language files up to date? It's not finding nocookiesforlogin message, whose contents are "{{int:nocookieslogin}}" which would expand to "{{SITENAME}} uses cookies to log in users. You have cookies disabled. Please enable them and try again."
I know for a fact that my username and password are correct, and this is my own site so I'm certainly not blocking my own cookies.
Maybe you are not /trying/ to block your cookies, but that error message mean that when sending the data, it is not receiving the cookies that should be presented with the POST.
The only thing I can possibly think of that might be affecting this is the fact that I use Apache mod_rewrite to force login requests to HTTPS mode so the password will be encrypted.
Is it just a redirect on the first load of UserLogin (in which case the below comment probably doesn't apply), or is it doing something fancier?
The <form> tag does not include the protocol as part of the action value, so if I submit the form in HTTPS mode it *should* stay in HTTPS. However, as with everything else I've complained about, this worked without a hitch in 1.17.1 and below and stopped working with 1.18.0.
Any ideas? I want to make sure it's not something stupid I've done before filing a bug report.
Try manually going to the userlogin page in HTTPS and submitting from there. Does it work? If the cookie was originally set in http, it should still be present in https, though. The only setting that might matter is if you have $wgCookieSecure = true; mediawiki is sending secure cookies through http, and your browser is rejecting them.
Is your wiki available somewhere?