Anomie has uploaded a new change for review.
https://gerrit.wikimedia.org/r/288048
Change subject: Set force-use flag from CentralAuthTokenSessionProvider
......................................................................
Set force-use flag from CentralAuthTokenSessionProvider
While this session provider already takes option 1 from I8c6fab2ec for
the most common case by including the CentralAuth token in the hashed
data, it's possible that a 'SessionCheckInfo' function might do
something to cause breakage here. So to be safe (and to set a good
example), set the force-use flag.
Change-Id: I407a8f86fce0df8fa803308666e71a4734c22cac
---
M includes/session/CentralAuthTokenSessionProvider.php
1 file changed, 1 insertion(+), 0 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/CentralAuth
refs/changes/48/288048/1
diff --git a/includes/session/CentralAuthTokenSessionProvider.php
b/includes/session/CentralAuthTokenSessionProvider.php
index d3da64e..727e786 100644
--- a/includes/session/CentralAuthTokenSessionProvider.php
+++ b/includes/session/CentralAuthTokenSessionProvider.php
@@ -124,6 +124,7 @@
'provider' => $this,
'id' => $this->hashToSessionId( join( "\n", $data ) ),
'persisted' => true,
+ 'forceUse' => true,
);
// Delete the token once it's actually used
--
To view, visit https://gerrit.wikimedia.org/r/288048
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I407a8f86fce0df8fa803308666e71a4734c22cac
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
