Page MenuHomePhabricator
Create Task
Maniphest T31847

Regression: &action=unwatch is broken with JS off
Closed, DeclinedPublic
Actions

Description

Session failure
There seems to be a problem with your login session; this action has been canceled as a precaution against session hijacking. Go back to the previous page, reload that page and then try again.

Happens when JS is disabled. Probably regression from the watch token api change.

Version: unspecified
Severity: major

Details

Reference
bz29847

Related Objects
Search...

Event Timeline

bzimport raised the priority of this task from to High.Nov 21 2014, 11:26 PM
bzimport added a project: MediaWiki-Watchlist.
bzimport set Reference to bz29847.
bzimport added a subscriber: Unknown Object (MLST).
DieBuche created this task.Jul 12 2011, 5:03 PM
brooke added a comment.Jul 12 2011, 5:10 PM

The watch tab in Vector skin seems to work just fine with JS off. Are you explicitly doing a ?action=unwatch link manually, or is this a UI component elsewhere in the interface, or with a particular skin that might be behaving differently?

aaron added a comment.Jul 12 2011, 5:32 PM

Works for me. But user mailer is sending unwatch links without a token.
Hopefully, the token last long enough to work well in emails.

brooke added a comment.Jul 12 2011, 7:02 PM

No, tokens cannot be used from emails -- by definition they cannot since whatever's being sent is *not in your session*.

aaron added a comment.Jul 13 2011, 8:30 PM

What links are getting this error?

aaron added a comment.Aug 10 2011, 6:48 PM

Closing as WFM, can't repro on /trunk.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits