StackExchange's Authentication Fails
Posted: Sat Jun 14, 2014 2:05 am
When you go to StackExchange.com and you click on login, it takes you to the page with all the options (transparently called StackAuth.com - more on this later) and you log in using SE credentials in my case. After this is done, you go to ANY SE site, such as stackoverflow.com, or *.stackexchange.com, or superuser.com or whatnot, it will automatically log you in since you have already logged in using the network credentials of SE. This is accomplished by StackAuth.com IFRAME (long story but was the only way we could get the site to actually do authentication across all the sites most reliably).
This works fine on Chrome. On Firefox it works just fine as well, EXCEPT when NoScript is installed. In fact at no point does NS detect presence of StackAuth.com during any of the processes but if you put it on the whitelist manually, it will see it. This is the first weird issue. But regardless, as long as NS is enabled, it WILL NOT automatically log into any of the sites for SE, most of which is covered by allowing stackexchange.com because they are *.stackexchange.com and the ones that are not, such as serverfault.com, superuser.com and so on that have a dedicated domain name, you allow individually. Regardless of the sites being allowed on NS, it won't detect stackauth and won't log in automatically while NS is active.
Any idea what's going on here?
This works fine on Chrome. On Firefox it works just fine as well, EXCEPT when NoScript is installed. In fact at no point does NS detect presence of StackAuth.com during any of the processes but if you put it on the whitelist manually, it will see it. This is the first weird issue. But regardless, as long as NS is enabled, it WILL NOT automatically log into any of the sites for SE, most of which is covered by allowing stackexchange.com because they are *.stackexchange.com and the ones that are not, such as serverfault.com, superuser.com and so on that have a dedicated domain name, you allow individually. Regardless of the sites being allowed on NS, it won't detect stackauth and won't log in automatically while NS is active.
Any idea what's going on here?