Page MenuHomePhabricator

Prefer HTML5 Web Storage over cookies for state not needed server-side
Closed, ResolvedPublic

Description

Cookies can be HTTP-only, but there is no JS-only flag. So any cookies we set, are sent to the server in every request.

http://..dev/
http://..dev/wiki/Main_Page
http://..dev/w/index.php?title=Main_Page&action=edit
http://..dev/w/api.php...
etc.

All these have the following header when enabling $wgVisualEditorShowBetaWelcome

Cookie: alphawikiUserID=1; alphawikiUserName=Root; alphawiki_session=*; ve-beta-welcome-dialog=1;

By using Web Storage (e.g. localStorage or sessionStorage) we keep it out of the http stack, and read/writes themselves after faster with localStorage as well.


Version: unspecified
Severity: enhancement

Details

Reference
bz62884

Event Timeline

bzimport raised the priority of this task from to Low.Nov 22 2014, 3:06 AM
bzimport set Reference to bz62884.
Krinkle created this task.Mar 20 2014, 6:33 PM

Change 174798 had a related patch set uploaded by Alex Monk:
Use localStorage to store ve-beta-welcome-dialog

https://gerrit.wikimedia.org/r/174798

Jdforrester-WMF set Security to None.
Jdforrester-WMF moved this task from To Triage to Blocked on the VisualEditor board.
Jdforrester-WMF renamed this task from VisualEditor: Prefer HTML5 Web Storage over cookies for state not needed server-side to Prefer HTML5 Web Storage over cookies for state not needed server-side.Nov 24 2014, 4:51 AM
TheDJ added a subscriber: TheDJ.Nov 24 2014, 1:32 PM

IMHO, we should abstract away this entire problem in MW core api with a 'user settings' api.
I made a start/mockup of something like that a while ago: https://gerrit.wikimedia.org/r/#/c/146784
but I didn't really have time to rly work on it.

Change 174798 merged by jenkins-bot:
Prefer localStorage to store ve-beta-welcome-dialog

https://gerrit.wikimedia.org/r/174798

Jdforrester-WMF moved this task from Blocked to Q4 on the VisualEditor board.Dec 10 2014, 12:24 AM