Login Issues update - Delete your cookies

[MKJ]

Hey all,
The login issue seems to be fixed; clicking "Log me in every time" should no longer still log you out.
Important: delete your cookies before relogging in, you might have some bad cookies messing things up.

If there's any issues please let me know.

[Eraser]

I removed cookies but it still doesn't persist my login

[MKJ]

Pls tell me the steps you're taking - tested it on multiple devices and different browsers and I am unable to reproduce the issue.

[seremtan]

i heard the fix doesn't work if you have a mangina

[Eraser]

It's weird. It works with IE, Edge and Chrome but Firefox won't budge.
I deleted my entire browsing history but it won't keep my session active. Oddly enough I also still have the sid in the URL after logging in.

[DooMer]

Works with Firefox here i didn't even toss my cookies

[MKJ]

sure ur not just blocking cookies from this domain in ff?

[Transient]

I removed cookies but it still doesn't persist my login

Same here. Using Chrome. I disabled adblocker type extensions and it still doesn't persist my login. It did fix the instant-logout bug that I noticed when I first visited the site today, but I saw the sticky thread and deleted my cookies so I can at least log in.

edit: Same problem with FF.

[seremtan]

same here. FF. deleted Q3W cookies. restarted FF. nothing

maybe the internet doesn't like unsecure logins any more

[MKJ]

we're already on ssl

[Eraser]

same here. FF. deleted Q3W cookies. restarted FF. nothing

maybe the internet doesn't like unsecure logins any more

Lots of mangina's around here

[Eraser]

I might have an idea what the problem is. I browse to quake3world.com, so no https. If I log in no cookies are stored and I stay on a non-secure connection.
If I explicitly browse to https://quake3world.com I get a message that the certificate is invalid (it's self-signed). If I add a security exception for the certificate I can continue browsing through https and a cookie is stored. Also, after accepting the certificate exception, I am redirected to https when I browse to Q3W using http. I know Firefox is a bit more fussy when it comes to certificate security than IE and Chrome.

So the solution for Firefox users is:
- Browse to https://quake3world.com/forum
- You'll get a message about an insecure connection. Click the "add exception" button near the bottom.
- Click "Confirm security exception" in the dialog that opens.
- If that button is not enabled you might have to click "Get certificate" first.
- Firefox will continue showing an insecure connection icon in the URL bar which basically means someone might end up doing a man-in-the-middle attack to get your login credentials and pretend to be you but I'm pretty sure that will only be an improvement in most cases.

[MKJ]

Strange, I never added an exception for FF and it works fine for me.
http should also automatically redirect to https serverside.

My FF also doesn't nag about incorrect signed certificates. DooMer set up the ssl cert so he should be able to look into it.
Good to know there's a workaround tho.

[shaft]

FF works fine for me and I never added an exception.

[MKJ]

Going to http://quake3world.com doesnt seem to work, gives security errors and such.
Browsing to /forum seems to redirect to https, no longer nagging about incorrect certs. Click on the lock icon to see more about the cert - you'll see it's actually provided by Lets Encrypt and that it's not self-signed. Adding an exception should not be needed this way.

I'll check if I can do something about the redirect - although DooMer set it up this way so he might know more about the details why.
Problem is that I can't really repro it the way you guys are experiencing it (mac FF vs win FF perhaps?) so I'm partly stabbing in the dark

[MKJ]

pls try using http://quake3world.com/forum and tell me where you end up.

[seremtan]

at same but https

[seremtan]

same here. FF. deleted Q3W cookies. restarted FF. nothing

maybe the internet doesn't like unsecure logins any more

Lots of mangina's around here

[Captain]

Working now, thanks MKJ and Doomer.

And about fucking time too

[mrd]

Phew... I thought I was going fucking mental.

http://quake3world.com/forum worked for me... didn't need to toss any cookies.

[Lieutenant Dan]

Works without deleting any cookies here in FF. Nice work.