Page MenuHomePhabricator

Isolate cookies and CORS policies
Closed, ResolvedPublic


If we're deploying wqds to a subdomain,

  • cookies for the domain need to be set for explicit subdomains that need them
  • CORS policy needs to be updated to whitelist only subdomains that need it

Event Timeline

csteipp raised the priority of this task from to Medium.
csteipp updated the task description. (Show Details)
csteipp added subscribers: JohnLewis, hoo, GWicke and 23 others.
Smalyshev raised the priority of this task from Medium to High.Aug 6 2015, 8:13 PM

Change 230247 had a related patch set uploaded (by Legoktm):
Isolate cookies and CORS policies

Change 230247 merged by jenkins-bot:
Isolate cookies and CORS policies

Legoktm claimed this task.

Deployed. I'll send a heads-up to wikidata-tech about this change.

It seems we forgot about . will get fixed with a general mobile fix-- it should already
work for non-js browsers. I just haven't had the time to put in the js fix,
but if wikidata is getting significant mobile traffic, I can up the
priority of that.

It does not right now but that will hopefully change in the next month depending on Bene's work during his internship. He'll make the mobile version work better so we can hopefully then switch to redirecting people on mobile there by default.

Thanks Lydia. T100413 is the task for that work.

The regression is tracked in T112087.