This project is not covered by Drupal’s security advisory policy.

Drupal requires cookies for user login, but by default no error message is given when a user's browser is set not to accept cookies. The result is a broken site--after attempting to log in, the user is returned to an empty login form with no indication of why login failed.

Cookie check fixes this issue. When a user submits a login form, the module checks for cookie support and provides an error message if cookies are not supported: 'It seems your browser does not accept cookies. To log into this site, you need to accept cookies from the domain @domain.' where @domain is the name of the domain the user was trying to log into.

Based on a patch by chx and others: #2946: Login fails and no warning is issued if cookies are not enabled. If you'd like this bug to be fixed in Drupal core, please test and review that issue.

There are no current plans to upgrade to Drupal 7. See #1170420: Any plan for D7?.

Project information