A picturesque authentication problem ONLY in Google Chrome

Hello All!

All good? I’m running an application in Django 1.4.22 and some days I’m facing some difficulties for my users to access the restricted area of my site. It so happens that I have the site running on the main domain www.dominio.com.br and the restricted area on app.dominio.com.br, both running on https, and so far everything is fine.

When the user tries to access the restricted area thru the main domain, he enters the site www.dominio.com.br and clicks on a link that redirects to the restricted area in the subdomain app.dominio.com.br, but he cannot log in, he it puts the username and password and returns to the initial login page, and it does not authenticate.

After some tests, I verified that if I go to Chrome’s privacy settings, I can delete the cookie for the domain in question, after the removal of domain cookie information and if the user accesses directly via app.domain.com.br, without going through the main site www.dominio.com.br, can log in successfully. Now, if you go through the main site afterwards, you can no longer log in to the restricted area, you must delete the cookie again in the Google Chrome settings.

In other browsers this problem does not happen, including in other browsers of the Chromiun family, such as Brave, Vivaldi and even Micro$oft’s own.

Has anyone gone through a similar problem?

Awaiting help from a kind soul


Rogério Carrasqueira