diff --git a/core/lib/Drupal/Core/EventSubscriber/MaintenanceModeSubscriber.php b/core/lib/Drupal/Core/EventSubscriber/MaintenanceModeSubscriber.php
index c2688ed..13e1c3b 100644
--- a/core/lib/Drupal/Core/EventSubscriber/MaintenanceModeSubscriber.php
+++ b/core/lib/Drupal/Core/EventSubscriber/MaintenanceModeSubscriber.php
@@ -152,10 +152,28 @@ class MaintenanceModeSubscriber implements EventSubscriberInterface {
   }
 
   /**
+   * Check if the user has cookies enabled.
+   *
+   * If the user was redirected to this page on an attempted login but the
+   * login didn't succeed, warn them about missing cookies.
+   *
+   * @see user_login_form_submit().
+   * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
+   *   The event to process.
+   */
+  public function checkUserCookies(GetResponseEvent $event) {
+    if (isset($_GET['state']) && $_GET['state'] == 'loggedin' && !$this->account->isAuthenticated()) {
+      $domain = ini_get('session.cookie_domain') ? ltrim(ini_get('session.cookie_domain'), '.') : $_SERVER['HTTP_HOST'];
+      $this->messenger->addMessage($this->t('To log in to this site, your browser must accept cookies from the domain %domain.', ['%domain' => $domain]), 'error');
+    }
+  }
+
+  /**
    * {@inheritdoc}
    */
   public static function getSubscribedEvents() {
     $events[KernelEvents::REQUEST][] = ['onKernelRequestMaintenance', 30];
+    $events[KernelEvents::REQUEST][] = ['checkUserCookies'];
     $events[KernelEvents::EXCEPTION][] = ['onKernelRequestMaintenance'];
     return $events;
   }
diff --git a/core/modules/system/src/Tests/Session/SessionHttpsTest.php b/core/modules/system/src/Tests/Session/SessionHttpsTest.php
index 6ba70da..f1cff81 100644
--- a/core/modules/system/src/Tests/Session/SessionHttpsTest.php
+++ b/core/modules/system/src/Tests/Session/SessionHttpsTest.php
@@ -132,7 +132,12 @@ class SessionHttpsTest extends WebTestBase {
 
     // Follow the location header.
     $path = $this->getPathFromLocationHeader(FALSE);
-    $this->drupalGet($this->httpUrl($path));
+    $parsed_path = parse_url($path);
+    $query = [];
+    if (isset($parsed_path['query'])) {
+      parse_str($parsed_path['query'], $query);
+    }
+    $this->drupalGet($this->httpUrl($parsed_path['path']), ['query' => $query]);
     $this->assertResponse(200);
   }
 
@@ -172,7 +177,12 @@ class SessionHttpsTest extends WebTestBase {
 
     // Follow the location header.
     $path = $this->getPathFromLocationHeader(TRUE);
-    $this->drupalGet($this->httpsUrl($path));
+    $parsed_path = parse_url($path);
+    $query = [];
+    if (isset($parsed_path['query'])) {
+      parse_str($parsed_path['query'], $query);
+    }
+    $this->drupalGet($this->httpsUrl($parsed_path['path']), ['query' => $query]);
     $this->assertResponse(200);
   }
 
diff --git a/core/modules/user/src/Form/UserLoginForm.php b/core/modules/user/src/Form/UserLoginForm.php
index 703e0ce..1911084 100644
--- a/core/modules/user/src/Form/UserLoginForm.php
+++ b/core/modules/user/src/Form/UserLoginForm.php
@@ -135,7 +135,8 @@ class UserLoginForm extends FormBase {
     if (!$this->getRequest()->request->has('destination')) {
       $form_state->setRedirect(
         'entity.user.canonical',
-        ['user' => $account->id()]
+        ['user' => $account->id()],
+        ['query' => ['state' => 'loggedin']]
       );
     }
     else {
diff --git a/core/modules/user/src/Plugin/Block/UserLoginBlock.php b/core/modules/user/src/Plugin/Block/UserLoginBlock.php
index a9341f9..d0588ba 100644
--- a/core/modules/user/src/Plugin/Block/UserLoginBlock.php
+++ b/core/modules/user/src/Plugin/Block/UserLoginBlock.php
@@ -2,13 +2,15 @@
 
 namespace Drupal\user\Plugin\Block;
 
+use Drupal\Component\Utility\UrlHelper;
 use Drupal\Core\Access\AccessResult;
+use Drupal\Core\Block\BlockBase;
 use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
 use Drupal\Core\Routing\RedirectDestinationTrait;
 use Drupal\Core\Routing\RouteMatchInterface;
-use Drupal\Core\Url;
+use Drupal\Core\Routing\UrlGeneratorTrait;
 use Drupal\Core\Session\AccountInterface;
-use Drupal\Core\Block\BlockBase;
+use Drupal\Core\Url;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 
 /**
@@ -22,6 +24,7 @@ use Symfony\Component\DependencyInjection\ContainerInterface;
  */
 class UserLoginBlock extends BlockBase implements ContainerFactoryPluginInterface {
 
+  use UrlGeneratorTrait;
   use RedirectDestinationTrait;
 
   /**
@@ -152,9 +155,20 @@ class UserLoginBlock extends BlockBase implements ContainerFactoryPluginInterfac
    * @see \Drupal\Core\Form\FormBuilder::renderPlaceholderFormAction()
    */
   public static function renderPlaceholderFormAction() {
+    // Set the form action so that the user will be redirected to the current
+    // destination after logging in. Also append a query parameter to the
+    // destination in  so we can check later if the login was successful; see
+    // user_init().
+    $destination = \Drupal::destination()->getAsArray();
+    $options = UrlHelper::parse($destination['destination']);
+    $options['query']['state'] = 'loggedin';
+    $destination['destination'] = $options['path'] . '?' . UrlHelper::buildQuery($options['query']);
     return [
       '#type' => 'markup',
-      '#markup' => Url::fromRoute('<current>', [], ['query' => \Drupal::destination()->getAsArray(), 'external' => FALSE])->toString(),
+      '#markup' => Url::fromRoute('<current>', [], [
+        'query' => $destination,
+        'external' => FALSE,
+      ])->toString(),
       '#cache' => ['contexts' => ['url.path', 'url.query_args']],
     ];
   }
diff --git a/core/modules/user/src/Tests/UserBlocksTest.php b/core/modules/user/src/Tests/UserBlocksTest.php
index 0a4c619..e319f6c 100644
--- a/core/modules/user/src/Tests/UserBlocksTest.php
+++ b/core/modules/user/src/Tests/UserBlocksTest.php
@@ -74,7 +74,8 @@ class UserBlocksTest extends WebTestBase {
     $this->assertNoText(t('User login'), 'Logged in.');
 
     // Check that we are still on the same page.
-    $this->assertUrl(\Drupal::url('user.admin_permissions', [], ['absolute' => TRUE]), [], 'Still on the same page after login for access denied page');
+    $url = \Drupal::url('user.admin_permissions', [], ['absolute' => TRUE, 'query' => ['state' => 'loggedin']]);
+    $this->assertUrl($url, [], 'Still on the same page after login for access denied page');
 
     // Now, log out and repeat with a non-403 page.
     $this->drupalLogout();
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index cabe189..f310b1f 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -567,6 +567,19 @@ function user_login_finalize(UserInterface $account) {
 }
 
 /**
+ * Submit handler for the login form. Load $user object and perform standard login
+ * tasks. The user is then redirected to the My Account page. Setting the
+ * destination in the query string overrides the redirect.
+ */
+function user_login_form_submit($form, &$form_state) {
+  global $user;
+  $user = user_load($form_state['uid']);
+  $form_state['redirect'] = ['user/' . $user->uid, ['query' => ['state' => 'loggedin']]];
+
+  user_login_finalize($form_state);
+}
+
+/**
  * Implements hook_user_login().
  */
 function user_user_login($account) {