I see that others are experiencing this issue... I'm having the same issues as well...
http://i2pforum.i2p/viewtopic.php?t=301 ... 375094050a
will this be fixed soon? If so, when?
-Chef K
When will the auto logout issue be resolved?
Re: When will the auto logout issue be resolved?
Yes this issue is very irritating, I was logged out in the midst of writing a long comment. Had to redo everything from scratch because I did not saved the origianl comment
Re: When will the auto logout issue be resolved?
Same here, I've developed a habit of copying everything I write because of this issue...
Re: When will the auto logout issue be resolved?
If you log in while browser dev tools are opened, you can see in the network tab a request made when you log in (POST to "/ucp.php?mode=login..."). A response to it tries to set cookies, but it sets the domain "i2pforum.net" instead of i2pforum.i2p, and it also sets "secure" (which tells the browser to only use the cookie HTTPS, which is usually not used on i2p sites). Thus the cookie remains unused
This causes the site to resort to the &sid URL parameter, which is not good. (anyone can log in as A by copying A's sid URL parameter, if A has been careless enough to post a URL without removing the parameter).
Probably that also causes the sessions to have a short lifetime. (maybe to prevent the above attack?)
Maybe if this gets changed, these problems will go away...
This causes the site to resort to the &sid URL parameter, which is not good. (anyone can log in as A by copying A's sid URL parameter, if A has been careless enough to post a URL without removing the parameter).
Probably that also causes the sessions to have a short lifetime. (maybe to prevent the above attack?)
Maybe if this gets changed, these problems will go away...