We should put T5233 behind a config variable so that we can easily disable it if there are problems (and also so that we can merge the cookie code before the EventLogging code).
It should default to false/off.
We should put T5233 behind a config variable so that we can easily disable it if there are problems (and also so that we can merge the cookie code before the EventLogging code).
It should default to false/off.
Subject | Repo | Branch | Lines +/- | |
---|---|---|---|---|
Send a cookie with autoblocks to prevent vandalism. | mediawiki/core | master | +270 -2 |
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Resolved | • TBolliger | T120734 Epic ⚡️ Improve MediaWiki's blocking tools | |||
Resolved | MusikAnimal | T5233 Send a cookie with each block | |||
Resolved | Samwilson | T147610 Add feature flag for block cookie behavior |
Is $wgCookieSetForAutoblocks a good name? Seems good to have the 'cookie' word at the beginning, for easier autocomplete and being similar to existing variables.
Current cookie-related variables in DefaultSettings are as follows:
$wgCookieExpiration = 180 * 86400; $wgExtendedLoginCookieExpiration = null; $wgCookieDomain = ''; $wgCookiePath = '/'; $wgCookieSecure = 'detect'; $wgDisableCookieCheck = false; $wgCookiePrefix = false; $wgCookieHttpOnly = true; $wgCacheVaryCookies = [];
Oh and there's other related vars: https://www.mediawiki.org/wiki/Category:Cookies_variables
Change 48029 had a related patch set uploaded (by Samwilson):
Send a cookie with autoblocks to prevent vandalism.
Change 48029 merged by jenkins-bot:
Send a cookie with autoblocks to prevent vandalism.