Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ability to set cookies seems not to be tested for correctly

    Scheduled Pinned Locked Moved webGUI
    4 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MMacD
      last edited by

      Using the latest-and-greatest Firefox browser and 2.1.2, I find that in order to use the web interface I have to completely open my system to any random cookie instead of specifically allowing cookies from the firewall's ip.

      If I have cookies locked out from sites not on the approved list, I cannot log in to the web interface.  I get no information at that point about what might be going on; the accountname and password are simply erased.  Since I've seen this problem before in certain other cases, I was pretty sure that disabling the cookie list would immediately allow me to access the interface.  And it did.  And that's when I get the (incorrect) message that my session was idle too long or I need to allow cookies.

      This is apparently a problem with how the interface is trying to determine whether it can set a cookie, since most sites get it right but a minority of sites don't.

      It seems like a bad idea for us to have to turn off cookie gatekeeping in order to use the web interface.  It's certainly annoying!

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The last time I saw something like that, it was a broken configuration on the GUI. It was configured for HTTPS but had no certificate to use. Go to System > Advanced. Set the GUI to use HTTP, save, and then see if you can reach the GUI without messing with cookies. If that worked, then try changing it back to HTTPS. You may have to manually create your own CA/Cert for use by the GUI.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • M
          MMacD
          last edited by

          That's not it – it was and is set to http.

          1 Reply Last reply Reply Quote 0
          • M
            MMacD
            last edited by

            I've up'd to 2.1.3 and the problem still persists.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.