When the authorisation cookies expire (CF_Authorization
) it redirects the user to a generic error page. Image bellow
The expected behaviour is to show the refresh pop-up page. that happens when the Discourse _t
cookie expires. Image below.
Ideas that didn’t work:
- Since the cookie is secure we can not get it using JS.
- The Cloudflare team can not extend the expiry date for security reasons.
Does anyone have an idea how can we solve this issue?
pfaffman
(Jay Pfaffman)
2
Other than breaking discourse, what problem is the cloudflare authorization solving?
I thought that there was a site setting for how long discourse cookies last, but maybe it’s hidden.
3 Likes
I’m not sure. The CF_Authorization
is not a Discourse cookie. The problem is that the Cloudflare cookie triggers before the Discourse cookie _t
.
pfaffman
(Jay Pfaffman)
4
You can try changing persistent sessions
or maximum session age
.
Why is the cloudflare cookie important?
I’m not sure. I will try to get more info on that.
pfaffman
(Jay Pfaffman)
7
I think you’d need to delete your existing cookies after changing those settings. They will affect only new sessions and be cookies.
Still not working. I open the forum in a Anonymous browser and after deleting the CF_Authorization
cookie the same generic page was shown.
pfaffman
(Jay Pfaffman)
9
Oh, sorry. I guess I don’t understand what that cloudflare thing is doing. Can you do without it?
1 Like