HomePhabricator

Send a cookie with autoblocks to prevent vandalism.
1cc3a57296ffUnpublished

Authored by Parent5446 on Feb 7 2013, 9:56 PM.

Unpublished Commit · Learn More

Publishing Disabled: All publishing is disabled for this repository.

Description

Send a cookie with autoblocks to prevent vandalism.

Send a cookie with blocks that have autoblock turned on so that
the user will be identified to MediaWiki and any IP they try
to edit anonymously from will be blocked, even without logging
in to the originally blocked account. Additionally, the block
info is stored in local storage as well as an even stronger
deterrence.

Note: this is meant to deter normal vandals, i.e., not attackers
who know what cookies and local storage are and will be actively
removing the cookie.

This feature is disabled by default, and can be enabled with the
new $wgCookieSetOnAutoblock configuration variable (by setting
it to true);

The cookie will expire at the same time as the block or after
$wgCookieExpiration (whichever is sooner).

Bug: T5233
Bug: T147610
Change-Id: Ic3383af56c555c1592d272490ff4da683b9d7b1b