Not working on Tor
This isn't actually an issue with Tor browser, but the way that sessions are being handled.
Because we now log in over HTTPS, this then sets a cookie for handling your logged in "session", the cookie is being set over HTTPS but then the rest of site is being served over HTTP. By default there are a few browsers that won't honor the session from HTTPS over HTTP (because the session then becomes insecure / could be hijacked etc.)
To fix this issue, you need to disable "Automatic Secure Cookie Management", as per my attached screenshot.
But ideally the Admins would work towards serving the whole site over HTTPS.
|