Printer-friendly version
Forums:
Since a few weeks I get a "Security alert - login cookie incorrect" when I come back to my PC in the evening.
Most times I have accessed BC during the day from my smartphone, where I had to relogin.
What could be the real problem, because I'm sure that "cookie stolen" is not the case ;-)
(PC: Linux Fedora 20 with Firefox 31.0, Smartphone: Android 4.2.1 with Dolphin 11.2.0)
Martina
Smartphone eating cookies?
Looks like you're stealing your own cookie. :)
There are two things that are used to check each other during logins. The session is on the server, managed by Drupal; the cookie is on your own machine, managed by your browser from orders given by Drupal. Each of them has info to recognize the matching other. If they don't match, you get an error message. Each server/browser/machine combination gets its own session in the BC database and stores a cookie in its own data, so I don't think this has anything to do with you surfing on another machine. It's all happening on your home machine.
Since there are several layers of caching involved, what can be happening is that when you return to your home machine, you are somehow checking your cookie against a stale session record. Either that or something is corrupting the cookie stored on your machine. Not sure what would do that.
I have had this happen myself but closing the browser and re-opening made the phenomenon go away and stay gone for days or weeks.
If that doesn't work, try using a different browser on your home machine for a day or so and see if it keeps happening. If that still doesn't solve it, you either have some sort of malware or maladroit plug-in causing the problem or your ISP is just fucking with you. :)
Hugs,
Erin
= Give everyone the benefit of the doubt because certainty is a fragile thing that can be shattered by one overlooked fact.
Not possible Erin
"you either have some sort of malware "
The ONLY malware that can infest a LINUX distro or Mac is a rootkit or an irc bot, which don't touch browser cookies.
[ and to be blunt, yes macosx can get a rootkit infestation or an irc bot, despite mac owners claiming it can't. ]
Stupidity is a capital offense. A summary not indictable.
Dolphin Browser Sync
Assuming you use Dolphin's "Send tab to phone" or whatever they call it feature, try sending the tab BACK to your desktop at the end of the day if you can. If they are doing cookie-sync between the desktop to mobile, if you don't sync the cookie BACK to the desktop, then drupal will see it as theft of an older cookie.
-Piper