Right now, if you log into the wiki under HTTPS protocol, then visit a page under HTTP protocol, it shows you as logged out. This is bad practice, because requires logging in again. The cookies should be shared in HTTP and HTTPS.
Version: wmf-deployment
Severity: normal