Page MenuHomePhabricator
Create Task
Maniphest T348801

No warning logged in Wikimedia production when CentralAuth tries to send headers after body
Open, Needs TriagePublicBUG REPORT
Actions

Description

I discovered this via T347889: Investigate why CentralAuth edge login fails in browsers that do not block third-party cookies; to test locally, I added setcookie('test', 1); to the end of SpecialCentralAutoLogin::doFinalOutput() and then loaded <loginwiki>/wiki/Special:CentralAutoLogin/start?type=1x1 (which results in an error). I get an ErrorException on the error channel with severity ERROR, with the message PHP Warning: Cannot modify header information - headers already sent by (output started at /vagrant/mediawiki/extensions/CentralAuth/includes/Special/SpecialCentralAutoLogin.php:780) which is expected behavior. Yet there are no errors like that in the production logs.

error_reporting() gives 30719 in shell.php which is E_ALL & ~E_STRICT, so warnings should be logged. At a glance, no production-deployed code seems to unset error reporting.

Related Objects

Event Timeline

Tgr created this task.Oct 12 2023, 7:47 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 12 2023, 7:47 PM
Tgr renamed this task from No warning logged in CentralAuth when trying to send headers after body to No warning logged in Wikimedia production when CentralAuth tries to send headers after body.Oct 12 2023, 7:48 PM
Tgr mentioned this in T347889: Investigate why CentralAuth edge login fails in browsers that do not block third-party cookies.Oct 12 2023, 7:54 PM
thcipriani edited projects, added SRE Observability; removed Observability-Logging, Wikimedia-production-error.Oct 26 2023, 3:22 PM
thcipriani subscribed.

Removing "production error" since it's to track errors we're seeing in production (opposite of this :D) Tagging in SRE Observability in case there's something in the logging pipeline to investigate.

lmata removed a project: SRE Observability.Nov 8 2023, 3:13 PM
lmata subscribed.

Hi Folks, had an internal team discussion, and we dont think there is anything actionable on our end. Please re-tag if you have any follow-ups. Thanks!

kostajh subscribed.Apr 19 2024, 7:02 AM
kostajh added a comment.Apr 19 2024, 7:55 AM

I see this error in my local environment (PHP 8.1, Apache) and am confused as to 1) why we don't see this error logged in production and 2) why this doesn't cause more serious issues related to central login, as the console error (Uncaught SyntaxError: Unexpected token '<' (at checkLoggedIn?type=script&wikiid=enwiki:2:223)) indicates that checkLoggedIn JavaScript doesn't run successfully.

Tgr added a project: MediaWiki-extensions-CentralAuth.May 3 2024, 12:31 PM
Restricted Application added a project: MediaWiki-Platform-Team. · View Herald TranscriptMay 3 2024, 12:31 PM
kostajh added a comment.May 3 2024, 12:49 PM
In T348801#9728806, @kostajh wrote:

I see this error in my local environment (PHP 8.1, Apache) and am confused as to 1) why we don't see this error logged in production and 2) why this doesn't cause more serious issues related to central login, as the console error (Uncaught SyntaxError: Unexpected token '<' (at checkLoggedIn?type=script&wikiid=enwiki:2:223)) indicates that checkLoggedIn JavaScript doesn't run successfully.

Filed that specific error as T364116: checkLoggedIn script fails with headers already sent error

Tgr added a comment.May 3 2024, 1:14 PM

I suspect whether the error is happening at all depends on MediaWiki and/or Apache output buffering config (e.g. $wgDisableOutputCompression, mod_deflate). But T347889 was happening in production (it broke central autologin), it just did not get logged.

larissagaulia moved this task from Inbox, needs triage to Not planned (Patches welcome!) on the MediaWiki-Platform-Team board.May 13 2024, 11:21 AM
JTweed-WMF edited projects, added MediaWiki-Platform-Team (Roadmap); removed MediaWiki-Platform-Team.Jan 22 2025, 3:45 PM
JTweed-WMF moved this task from Now => Move to Inbox to Parking Lot on the MediaWiki-Platform-Team (Roadmap) board.
OWresch-WMF moved this task from Roadmap to Not planned / Patches welcome on the MediaWiki-Platform-Team board.Tue, Jan 20, 11:18 AM
OWresch-WMF edited projects, added MediaWiki-Platform-Team; removed MediaWiki-Platform-Team (Roadmap).
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits