Page MenuHomePhabricator
Create Task
Maniphest T7748

Seemingly logged out after editting
Closed, InvalidPublic
Actions

Description

Author: hjernespiser

Description:
Is there some change with the way Cookies and Host are handled? I've noticed on
my own MediaWiki-driven site that after saving an edit or saving preferences I
would get redirected to a page asking me to log in again. My Apache server is
set up with the ServerName as <domain>.<tld> and a ServerAlias of
www.<domain>.<tld>. I was logged into my account with www.<domain>.<tld> in the
URL. After I hit save on an edit page or preferences I noticed I was being
redirected to <domian>.<tld>/wiki/<Page> instead. The cookie 'site' is
<domain>.<tld> but the info in the cookie shows Host of www.<domain>.<tld>. The
browser isn't sending the cookie info on the redirect.

This seems to have started since I upgraded, I swear. I can't remember this
happening before with 1.5.8. I've tested this both on Firefox and Opera.

Start request
POST /index.php?title=TyvaWiki:Sandbox&action=submit
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Accept-Encoding: gzip,deflate
Accept-Language: en-us,en;q=0.5
Connection: keep-alive
Content-Length: 13268
Content-Type: multipart/form-data; boundary=---------------------------146043902153
Cookie: wikidb_tw__session=****; wikidb_tw_UserID=2;
wikidb_tw_UserName=Sborsody; wikidb_tw
_Token=****
Host: www.tyvawiki.org
Keep-Alive: 300
Referer: http://www.tyvawiki.org/index.php?title=TyvaWiki:Sandbox&action=edit
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.2)
Gecko/20060308 Firefox/1.5.0.2

Start request
GET /wiki/TyvaWiki:Sandbox
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Accept-Encoding: gzip,deflate
Accept-Language: en-us,en;q=0.5
Connection: keep-alive
Host: tyvawiki.org
If-Modified-Since: Fri, 28 Apr 2006 18:33:57 GMT
If-None-Match: W/"wikidb:pcache:idhash:*******"
Keep-Alive: 300
Referer: http://www.tyvawiki.org/index.php?title=TyvaWiki:Sandbox&action=edit
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.2)
Gecko/20060308 Firefox/1.5.0.2

Version: 1.6.x
Severity: normal
OS: Windows XP
Platform: PC
URL: http://tyvawiki.org

Details

Reference
bz5748

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 9:12 PM
bzimport added a project: MediaWiki-General.
bzimport set Reference to bz5748.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Apr 28 2006, 7:14 PM
brion added a comment.Apr 29 2006, 9:24 PM

Set up your server to consistently use a single hostname and redirect alternates
to the canonical form, or you can expect to have such troubles.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL