Page MenuHomePhabricator

Isolate wikidata.org cookies and CORS policies
Closed, ResolvedPublic

Description

If we're deploying wqds to a wikidata.org subdomain,

  • cookies for the domain need to be set for explicit subdomains that need them
  • CORS policy needs to be updated to whitelist only subdomains that need it

Event Timeline

csteipp raised the priority of this task from to Medium.
csteipp updated the task description. (Show Details)
csteipp added subscribers: JohnLewis, hoo, GWicke and 23 others.
Smalyshev raised the priority of this task from Medium to High.Aug 6 2015, 8:13 PM

Change 230247 had a related patch set uploaded (by Legoktm):
Isolate wikidata.org cookies and CORS policies

https://gerrit.wikimedia.org/r/230247

Change 230247 merged by jenkins-bot:
Isolate wikidata.org cookies and CORS policies

https://gerrit.wikimedia.org/r/230247

Legoktm claimed this task.

Deployed. I'll send a heads-up to wikidata-tech about this change.

It seems we forgot about m.wikidata.org .

m.wikidata.org will get fixed with a general mobile fix-- it should already
work for non-js browsers. I just haven't had the time to put in the js fix,
but if wikidata is getting significant mobile traffic, I can up the
priority of that.

It does not right now but that will hopefully change in the next month depending on Bene's work during his internship. He'll make the mobile version work better so we can hopefully then switch to redirecting people on mobile there by default.

Thanks Lydia. T100413 is the task for that work.

The m.wikidata.org regression is tracked in T112087.