Steps to replicate the issue (include links if applicable):
- 1. Log in to Wikipedia and use Firefox, perhaps
- 2. Log in to any language'd edition of Wikisource (wikisource.org works even less)
What happens?:
I get correctly logged in per central auth stuff, but on any new page load, refresh or wikilink or even just opening the notifications modal, I get logged out behavior. (In the case of the notification modals, they will tell you there are no notifications even if there are)
What should have happened instead?:
I get correct logged in behavior
Software version (skip for WMF-hosted wikis like Wikipedia): Wikisource
Other information (browser name/version, screenshots, etc.):
Waterfox G6.0.5
Console messages:
Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wikipedia.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wikibooks.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wikinews.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wikiquote.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wikiversity.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wikivoyage.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wiktionary.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://www.mediawiki.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://api.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://commons.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://incubator.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://meta.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://species.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://wikimania.wikimedia.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://www.wikidata.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://www.wikifunctions.org/wiki/Special:CentralAutoLogin/start?type=1x1&from=enwikisource start Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://login.wikimedia.org/wiki/Special:CentralAutoLogin/refreshCookies?type=1x1&wikiid=enwikisource refreshCookies Some cookies are misusing the recommended “SameSite“ attribute 47 Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://meta.wikimedia.org/w/load.php?lang=en&modules=ext.globalCssJs.user&skin=vector-2022&user=Aaron+Liu&version=opsoa startup.js:1046:16 Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wikipedia.org/wiki/User:Aaron_Liu/Watchlyst_Greybar_Unsin.js?action=raw&ctype=text/javascript startup.js:1046:16 Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://commons.wikimedia.org/w/index.php?title=User:Jack_who_built_the_house/convenientDiscussions.js&action=raw&ctype=text/javascript startup.js:1046:16 Referrer Policy: Ignoring the less restricted referrer policy “origin-when-cross-origin” for the cross-site request: https://en.wikipedia.org/w/index.php?title=User:Gary/comments%20in%20local%20time.js&action=raw&ctype=text/javascript startup.js:1046:16
Here's a list of everything logged under "some cookies are misusing the recommended 'samesite' attribute. Every single ellipsis is a stand-in for does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite:
Cookie “WMF-DP” ... Act_III Cookie “NetworkProbeLimit” ... Act_III Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... start Cookie “NetworkProbeLimit” ... 2 refreshCookies Cookie “enwikisourcemwclientprefs” ... jar.js:86:5 Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 index.php Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 checkLoggedIn Cookie “NetworkProbeLimit” ... 2 Watchlyst_Greybar_Unsin.js Cookie “centralauth_ss0-User” ... index.php Cookie “centralauth_ss0-Token” ... index.php Cookie “ss0-centralauth_Session” ... index.php Cookie “NetworkProbeLimit” ... index.php Cookie “centralauth_ss0-User” ... index.php Cookie “centralauth_ss0-Token” ... index.php Cookie “ss0-centralauth_Session” ... index.php Cookie “NetworkProbeLimit” ... index.php Cookie “NetworkProbeLimit” ... 2 api.php Cookie “NetworkProbeLimit” ... 2 index.php
If I try to log in to the wikisource.org (without a language prefix), I get the conventional login screen and this error when I try to log in:
This time, the console only has these lines:
Some cookies are misusing the recommended “SameSite“ attribute 5 Cookie “ss0-sourceswikiSession” ... index.php Cookie “centralauth_ss0-User” ... index.php Cookie “centralauth_ss0-Token” ... index.php Cookie “ss0-sourceswikiSession” ... index.php Cookie “NetworkProbeLimit” ...