In an effort to make cookies work on a farm, Auth_remoteuser munges the cookie prefix so that it cannot be forwarded by VisualEditor and/or Parsoid to authenticate a user on a private wiki. Parsoid errors out complaining the API is read only even though the problem is that the cookie doesn't match what is expected.
Fix that caused this bug: 921c65f696a5
Discussion about fix: I4ce096f3d287bcf611c2b6baad522baf07065a48
Bug: T171190