Author: tim987
Description:
Currently Mediawiki uses cookies when users login. The next version of mediawiki should use sessions instead of cookies. The advantages are:
More secure. If a person accidentally clicks 'remember me' when they login using a public computer, and they close the browser thinking it will log them out, another person uses the public computer and goes to the wiki the previous user was at and that person will now have full access to someone else's account.
Sessions work on browsers that have cookies disabled.
So can Mediawiki use sessions for login instead of cookies in the next version please?
Version: unspecified
Severity: enhancement