Page MenuHomePhabricator

Use mw.cookie instead of directly using $.cookie in Wikibase UI code
Open, LowPublic

Description

Switching to mw.cookie would mean that cookie name would/could change (to be prefixed according to wiki config, e.g. with the wiki name) - it could actually be a reasonable change.
If the name of the cookie changed, there should either be backwards-compatibility code for a needed period of time (if possible), or the cookie would be required to be set again (i.e. e.g. user will be presented again with the popup and will need to close to set the new cookie).

Problem here only apply to the experience of non-logged in users.

Cookies involved are related to the following things:

  • "term box" initially collapsed/expanded
  • showing the copyright notice on edit
  • showing the IP notice on edit

See also discussion in https://gerrit.wikimedia.org/r/#/c/388459

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 7 2017, 11:43 AM
thiemowmde triaged this task as Low priority.Nov 7 2017, 12:11 PM
thiemowmde moved this task from incoming to needs discussion or investigation on the Wikidata board.
thiemowmde added subscribers: thiemowmde, Jonas.

https://gerrit.wikimedia.org/r/388459 was created for T167432, and is currently blocking it because of the issue described here. Note that we can entirely avoid this by postponing the change from jQuery.cookie to mw.cookie. We could remove this change from the patch, and redo it later, in a separate patch that does not block T167432.

However, I think it's easier to:

  • either add half a dozen lines of backwards compatible code that is able to find the old cookie names,
  • or live with the consequence that anonymous editors will see the two "CC-0" and "your IP will become visible" popups again.

For clarity here: T167432 is not blocked by this, as https://gerrit.wikimedia.org/r/#/c/388062 was indeed changed back to $.cookie.

This change is still worth considering though, but not worth rushing when fixing issues related to T167432.

Showing non-logged in users the pop-up again isn't great but I don't think we should invest the time to not make it show up if it is shown again anyway when the cookie is automatically deleted after 30 days. So let's go for it.