Page MenuHomePhabricator
Create Task
Maniphest T85130

Review request for a cookie usage in ContentTranslation
Closed, ResolvedPublic
Actions

Description

In https://gerrit.wikimedia.org/r/#/c/179105/, a domain level cookie with a short expiration time is used as a token to indicate that the translator went through the normal translation workflow. Note that this cookie is not host-level, but domain-level, with the domain being '.wikipedia.org' for Wikipedia. This allows Content Translation (CX) to redirect users between source and target language wikis.

A user going through the normal translaiton workflow will see the legal notice about the license of the content; hence, this is important.

The first phase of deployment for CX is scheduled for Jan. 15, so please review this cookie and flag it if you notice any issues.

Details

SubjectRepoBranchLines +/-
Change the cookie name for valid translation workflowmediawiki/extensions/ContentTranslationmaster+2 -2
Customize query in gerrit

Related Objects

Event Timeline

santhosh created this task.Dec 22 2014, 10:51 AM
santhosh raised the priority of this task from to Needs Triage.
santhosh updated the task description. (Show Details)
santhosh added projects: Language-Team, acl*sre-team, ContentTranslation-Deployments.
santhosh changed Security from none to None.
santhosh added a subscriber: Language-Team.
KartikMistry added a subscriber: BBlack.Dec 22 2014, 11:10 AM
KartikMistry subscribed.
Arrbee added a project: LE-Sprint-81.Dec 22 2014, 2:37 PM
Arrbee edited projects, added Blocked-on-Operations; removed acl*sre-team.
Arrbee updated the task description. (Show Details)
Arrbee moved this task from Backlog to In Progress on the LE-Sprint-81 board.Dec 22 2014, 2:39 PM
santhosh moved this task from In Progress to Blocked on the LE-Sprint-81 board.Dec 23 2014, 11:08 AM
BBlack added a comment.Dec 23 2014, 4:44 PM

I reviewed the patch, but since it's already merged I can't give it a -1. Regardless, I think the cookie names are problematic. A simple workaround would be to include a fixed string at the end of the cookie name which isn't anything like "Session" or "Token".

KartikMistry moved this task from Blocked to In Progress on the LE-Sprint-81 board.Dec 24 2014, 4:36 AM
santhosh subscribed.Dec 24 2014, 10:50 AM

Thanks. I think we can use a cookie name pattern as cx_Title_FromLang_TargetLang that will never have sufix as Session or Token

gerritbot added a project: Patch-For-Review.Dec 26 2014, 10:07 AM

Change 181863 had a related patch set uploaded (by Santhosh):
Change the cookie name for valid translation workflow

https://gerrit.wikimedia.org/r/181863

Patch-For-Review

gerritbot added a comment.Dec 26 2014, 11:29 AM

Change 181863 merged by jenkins-bot:
Change the cookie name for valid translation workflow

https://gerrit.wikimedia.org/r/181863

santhosh mentioned this in rECTX2856c66da1e6: Change the cookie name for valid translation workflow.Dec 26 2014, 11:29 AM
santhosh claimed this task.Dec 29 2014, 5:05 AM
Arrbee closed this task as Resolved.Dec 29 2014, 7:02 AM
Arrbee moved this task from In Progress to In Review on the LE-Sprint-81 board.
Arrbee removed projects: Patch-For-Review, Blocked-on-Operations.
Arrbee subscribed.
Arrbee moved this task from In Review to Done on the LE-Sprint-81 board.Dec 29 2014, 7:04 AM
RandomDSdevel updated the task description. (Show Details)Mar 2 2015, 9:29 PM
RandomDSdevel awarded a token.
santhosh mentioned this in rMEXTe1cc991b9a1b: Updated mediawiki/extensions Project: mediawiki/extensions/ContentTranslation….Mar 11 2015, 6:23 AM
santhosh moved this task from Backlog to Done on the ContentTranslation-Deployments board.Apr 20 2015, 7:25 AM
Nemo_bis added a project: ContentTranslation.Nov 23 2015, 9:22 AM
Restricted Application added a subscriber: StudiesWorld. · View Herald TranscriptNov 23 2015, 9:22 AM
Phabricator_maintenance removed a subscriber: Language-Team.Aug 8 2016, 11:58 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL