I have installed latest snapshot just now and I am unable to access Luci via web interface anymore with Chromium-based browsers: Chrome or Brave. It works with Firefox, though. Tried clearing cookies and cache completely as a possible solution – does not help. Any ideas?
Interesting. I can't get it to work with firefox but it works from microsludge edge and chrome on android.
Tried deleting cookies, cached pages witj no change. It brings up the logon screen, accepts the logon ok (according to the system log) but return me straight back to the logon prompt page.
This is on the latest snapshot. OpenWrt SNAPSHOT r18244-101300b842 / LuCI Master git-21.327.65538-e982c05
I was only using the http url, not https so don't know if it is related.
I installed an image built with imagebuilder that included luci and uhttpd which is why I could connect with two different browsers, just couldn't with firefox.
The OP had a similar issue except that in his case it was Chrome/Brave that didn't work but firefox did.
So I very strongly suspect that the installed images weren't suffering from missing luci and/or uhttpd.
Delete the sysauth cookie and it should work again. This usually happens when the previous installation was HTTPS and now login is attempted via HTTP. The HTTP-emitted sysauth cookie is not allowed to overwrite the stale HTTPS one in this case.
Before pressing "Login", F12 to open the debug console, select network tab, press "Login" on the web page, right click the first luci/ request, "Copy all as HAR". Careful, the HAR will contain sensitive data such as the password you've entered. Copy it into a text file and redact it before sending. Feel free to PM it to me if you do not want to post it here.
Thanks. So the login is working fine, a session is cookie is received but when the login code calls location.reload() to reload the page after login, the browser does not send the previously received sysauth cookie, it is simply omitted, so that you're thrown back into the login dialog.
Maybe some new crappy WebKit heuristic or security measure. Will research. Unfortunately I am still not able to reproduce it locally.
Unfortunately I was neither able to reproduce it, nor was I able to find similar instances in the web and thus I can't offer any specific things to try.
Maybe some nonstandard add on, proxy, anti virus appliance or similar is interfering?
well found an odd way to 'fix it' (read: temporarily resolve the glitch)...
login in incognito window
switch to argon (probably any other also if you don't have this theme) theme
go back to normal window
login and change back to bootstrap
logout and login again....
some spammy/overloaded sar/har if any use... grepping headersSize on the failed one (number 1) possibly yields a few -1 ? but really out of my depth here so likely nothing...
faulty logic seems to happen right before the 'luci/' is sent... but that could be just a symptom of no cookies or whatever...
laymans guess something with the way css interacts with header timing... (note: neither bootstrap-light nor bootstrap-dark were selected just the normal bootstrap)