The tool is no longer working as intended. When adding the releases from it, MusicBrainz requires me to login even though I’m already logged in and when I do, the release info is completely blank with the following errors:
Do you normally edit through musicbrainz.org or beta.musicbrainz.org?
If the latter, that may be the issue. MB doesn’t log you into both the live and beta sites at the same time, so if you primarily use the live site you’d be required to log in again to access non-public pages on the beta site and vice versa.
It’s been doing that to me all day today as well. Quick solution is to log in and check remember me, than when the blank import comes up, close the tab and import again and it works.
@Deleted_Editor_1807782, @tigerman325 and everyone else plagued by the “not logged in on release import” error, web browsers are changing when cookies are being sent.
If you import a release with one of the many userscripts or a-tisket MusicBrainz depends on a specific cookie in order to identify the user otherwise you can’t add new data (except CD stubs).
As a Chrome user you can revert to the old behavior by setting browser policies.
Add [*.]musicbrainz.org to LegacySameSiteCookieBehaviorEnabledForDomainList
Users of a Windows Home edition can use Policy Plus as an alternative to the group policy editor.
Restarting Chrome should make the policy take effect. This will also be indicated in the Chrome menu.
The reason why logging in again works is because the cookie date is being refreshed and thus triggers the “Lax + POST” mitigation.
Firefox has not yet enabled the new behavior by default (except for Nightly) but it will happen sooner or later.
What tool are you using?
Please link.
It’s been fixed. For a couple of weeks you had to login again on every import using a-tisket. Seems whatever was causing that is no longer causing that.
Google decided to roll back the cookie changes temporarily:
Moreover, MusicBrainz session cookies had their attributes adjusted so cross-origin POST requests won’t fail on first try (see “Lax + POST” mitigation) anymore.
On that occasion also CSRF tokens were introduced.