As reported before in private communication, remains the case. Yesterday happened on both chromium and firefox. Cookies are enabled and even present (see screenshot, couldn't attach), clearing cookie doesn't help. Now managed to successfully login in firefox.
screenshot.png ?confirmed
I've made http redirect to https, which will avoid this problem.
happened to me again on firefox, where I first went to http://git-annex.branchable.com/bugs/ to file a new report, was directed to login, entered credentials, got error message. I have then removed cookies, went in a new tab to the bugs, this bug, and then was able to login. So it is cookies related, but IMHO not a user fault
OK. I think I have figured out the issue (at least in my case). I guess that I had logged into https://git-annex.branchable.com, then tried to visit the non-secure URL http://git-annex.branchable.com this is when I got the error.
Taking a look at the cookie I send when visiting https://git-annex.branchable.com I see that it has the secure flag set. Which I think means that my browser will refuse to send this cookie when I visit the http://git-annex.branchable.com and will refuse to receive another cookie (since its the same domain).
If I clear my cookies and login via http://git-annex.branchable.com, the cookie does not have the secure flag set.
This means that ikiwiki is serving cookies with different flags for http vs https. Probably related to this feature? https://ikiwiki.info/todo/use_secure_cookies_for_ssl_logins/. Anyhow it seems this isn't quite working as desired. I think it is possible to serve two different cookies (one for http and one for https) but ikiwiki does not appear to be doing that.