Page MenuHomePhabricator

Let action=edit API instruct the client to redirect to another location after saving the edit
Closed, ResolvedPublic

Description

It's a product requirement of IP Masking that the "temporary accounts" function as global accounts. To achieve that, every editing tool must redirect the user through loginwiki, so that we can set cookies there. (Because Wikimedia wikis use different top-level domains, it must be a full-page redirect, otherwise it won't work on browsers that don't accept third-party cookies.) The action=edit API needs to provide the location to redirect to in its response to make that possible.

Event Timeline

(There are other use cases for such a feature, e.g. FlaggedRevs would like to redirect some users to a different URL as well (T266951), but for now I'll just implement the minimal version that CentralAuth support for IP Masking requires.)

Change 926643 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):

[mediawiki/extensions/CentralAuth@master] Let 'TempUserCreatedRedirect' handler run in API requests

https://gerrit.wikimedia.org/r/926643

Change 926645 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):

[mediawiki/core@master] [WIP] ApiEditPage: Create temporary account on edit attempt if enabled

https://gerrit.wikimedia.org/r/926645

This is a cross-cutting concern that will be relevant for the Flow API, the LiquidThreads API, probably for VisualEditor and DiscussionTools. Also the move API, if some wiki allows page moving for anons (although that's probably unwise). Probably relevant for some non-Wikimedia extensions too.

Change 926643 merged by jenkins-bot:

[mediawiki/extensions/CentralAuth@master] Let 'TempUserCreatedRedirect' handler run in API requests

https://gerrit.wikimedia.org/r/926643

Change 930281 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):

[mediawiki/extensions/VisualEditor@master] Reload page or redirect when saving an edit creates a temp account

https://gerrit.wikimedia.org/r/930281

Change 930282 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):

[mediawiki/extensions/DiscussionTools@master] Reload page or redirect when saving an edit creates a temp account

https://gerrit.wikimedia.org/r/930282

Change 930284 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):

[mediawiki/extensions/MobileFrontend@master] Reload page or redirect when saving an edit creates a temp account

https://gerrit.wikimedia.org/r/930284

Change 926645 merged by jenkins-bot:

[mediawiki/core@master] ApiEditPage: Return URL to finish creating temp account if enabled

https://gerrit.wikimedia.org/r/926645

Change 930281 merged by jenkins-bot:

[mediawiki/extensions/VisualEditor@master] Reload page or redirect when saving an edit creates a temp account

https://gerrit.wikimedia.org/r/930281

Change 930282 merged by jenkins-bot:

[mediawiki/extensions/DiscussionTools@master] Reload page or redirect when saving an edit creates a temp account

https://gerrit.wikimedia.org/r/930282

Change 930284 merged by jenkins-bot:

[mediawiki/extensions/MobileFrontend@master] Reload page or redirect when saving an edit creates a temp account

https://gerrit.wikimedia.org/r/930284

matmarex edited projects, added Skipped QA; removed Editing QA.

If I understand correctly, we're going to have a separate task to QA all changes related to IP Masking.

ppelberg subscribed.

If I understand correctly, we're going to have a separate task to QA all changes related to IP Masking.

Yep, that ticket is now: T344468