Author: thor.malmjursson
Description:
I'm reporting an issue with regard to logging in to Wikipedia/Meta/Wikinews which is causing intermittent failures to complete login. I stress this is intermittent, so may need several attempts before replication is possible:
When trying to login, entering your username and password results in the browser seemingly attempting to obtain information from another site, i.e on Wikinews, it says it's waiting for en.wikipedia.org - after this, your login fails, and you are presented with a large red box over the login page, containing the message:
"Login error
There seems to be a problem with your login session; this action has been canceled as a precaution against session hijacking. Please hit "back" and reload the page you came from, then try again."
I have received this error during two net sessions today, resulting in a total of 65 login attempts from 3 browsers, Firefox, Safari and IE7, before successful login was gained.
I spoke with staff in #wikimedia-tech on Freenode earlier, during the first session, and it was suggested it may be something to do with a "Login CSRF patch".
Could this please be investigated? Thanks.
Version: unspecified
Severity: major