Page MenuHomePhabricator
Create Task
Maniphest T306751

Cookie block exception option for hard IP blocks
Open, Needs TriagePublicFeature
Actions

Description

When an IP address is blocked with the option to include logged-in users (e.g. hardblocked), the block includes a cookie block.

The most common case where this comes up is when a user is using an open proxy (many of these IP addresses are hardblocked), and then forgets to turn it off. They often realize it after attempting to edit, and once they turn it off, they find that they are still blocked.

The block message will only include an IP range that the user is likely no longer using. This makes troubleshooting on the user's end complicated - and makes helping the user more difficult.

Yes, it is possible to set $wgCookieSetOnAutoblock to prevent cookie blocks wholesale, but they are generally useful for other usecases.

It would be very helpful to have the option to exempt hard IP blocks from triggering cookie blocks at the time that the block is made/modified.

Related tickets:
T207609: Rangeblocks applying to IP's not in the range
T236955: Lift IP cap for edit-a-thon at Bard College Nov. 11, 2019

Related Objects

Event Timeline

SQL created this task.Apr 24 2022, 2:15 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 24 2022, 2:15 AM
TheresNoTime subscribed.Apr 24 2022, 2:16 AM
GeneralNotability subscribed.Apr 24 2022, 2:16 AM
TheresNoTime added a project: MediaWiki-Blocks.Apr 24 2022, 2:17 AM
TheresNoTime removed a subscriber: MediaWiki-Blocks.
MarioGom subscribed.Apr 24 2022, 6:59 AM
MarioGom added a comment.Apr 24 2022, 7:04 AM

I have assisted some users affected by proxy rangeblocks where they cited a message about a given range, and they would swear their current IP as shown in whatismyip.com was in a different range. I used to think they were somehow wrong, but I guess they could have been affected by this issue. Quantifying the issue would require help from CUs or SREs though...

If I understand cookie blocks properly, they should be excluded from all or most proxy/VPN/webhost blocks.

NguoiDungKhongDinhDanh updated the task description. (Show Details)May 24 2022, 1:15 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL