CSteipp has uploaded a new change for review.
https://gerrit.wikimedia.org/r/80334
Change subject: Setup cookies security based on user preference
......................................................................
Setup cookies security based on user preference
Use the user pref instead of the login form checkbox for setting up
cookie security on login.
The preferences menu is still broken (always shows checked, even if
preference has been turned off), but this will log the user in (over
https), and then redirect them back to http if they have selected to
not use https. Likewise, if they have the default preference to use
https, they get the forceHTTPS cookie and other cookies secure.
Change-Id: I08f67b35f355ef193ae86cb9cca3799e247ead4e
---
M includes/Wiki.php
M includes/specials/SpecialUserlogin.php
M includes/templates/Userlogin.php
3 files changed, 5 insertions(+), 10 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core
refs/changes/34/80334/1
diff --git a/includes/Wiki.php b/includes/Wiki.php
index 55805ba..6ac9341 100644
--- a/includes/Wiki.php
+++ b/includes/Wiki.php
@@ -510,7 +510,10 @@
(
$request->getCookie( 'forceHTTPS' ) ||
// Avoid checking the user and groups unless
it's enabled.
- $this->context->getUser()->requiresHTTPS()
+ (
+ $this->context->getUser()->isLoggedIn()
+ &&
$this->context->getUser()->requiresHTTPS()
+ )
) &&
$request->detectProtocol() == 'http'
) {
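Review bot: The added `isLoggedIn()` guard around `requiresHTTPS()` has no explanation, and the existing comment above it ("Avoid checking the user and groups unless it's enabled") does not cover it. Presumably the guard stops anonymous visitors, who would fall back to the default preference, from being redirected to HTTPS on every request; if so, a comment such as `// Only logged-in users have a stored HTTPS preference; anonymous requests rely on the forceHTTPS cookie.` would record that. On a plain-HTTP request, session cookies set with the secure flag are not sent, so for users who prefer HTTPS this branch likely never fires and the redirect rests on the forceHTTPS cookie alone; it is worth confirming that cookie is still issued without the secure flag. The enclosing `if` condition starts outside the hunk.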
diff --git a/includes/specials/SpecialUserlogin.php
b/includes/specials/SpecialUserlogin.php
index 2081dd9..fce23cd 100644
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -105,7 +105,7 @@
$this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
$this->mAction = $request->getVal( 'action' );
$this->mRemember = $request->getCheck( 'wpRemember' );
- $this->mStickHTTPS = $request->getBool( 'wpStickHTTPS' );
+ $this->mStickHTTPS = false;
$this->mLanguage = $request->getText( 'uselang' );
$this->mSkipCookieCheck = $request->getCheck(
'wpSkipCookieCheck' );
$this->mToken = ( $this->mType == 'signup' ) ?
$request->getVal( 'wpCreateaccountToken' ) : $request->getVal( 'wpLoginToken' );
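Review bot: `$this->mStickHTTPS = false;` keeps the property alive as a constant, so any code outside this hunk that still reads `mStickHTTPS` to decide cookie security will now always take the non-secure path instead of consulting the user preference. None of the visible hunks shows the cookie-setting call being switched to the preference, so that reader should be checked. If nothing reads the property any more, remove the assignment and the property rather than pinning it to false. If it has to stay, a comment such as `// wpStickHTTPS from the request is ignored; cookie security follows the user's HTTPS preference` would make the intent clear. The enclosing function starts and ends outside the hunk.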
@@ -175,7 +175,6 @@
$query = array(
'returnto' => $this->mReturnTo,
'returntoquery' => $this->mReturnToQuery,
- 'wpStickHTTPS' => $this->mStickHTTPS
);
$url = $title->getFullURL( $query, false, PROTO_HTTPS );
if ( $wgSecureLogin ) {
@@ -1124,11 +1123,6 @@
$template->set( 'link', '' );
}
- // Decide if we default stickHTTPS on
- if ( $wgSecureLoginDefaultHTTPS && $this->mAction !=
'submitlogin' && !$this->mLoginattempt ) {
- $this->mStickHTTPS = true;
- }
-
$resetLink = $this->mType == 'signup'
? null
: is_array( $wgPasswordResetRoutes ) && in_array( true,
array_values( $wgPasswordResetRoutes ) );
@@ -1158,7 +1152,6 @@
$template->set( 'usereason', $user->isLoggedIn() );
$template->set( 'remember', $user->getOption(
'rememberpassword' ) || $this->mRemember );
$template->set( 'cansecurelogin', ( $wgSecureLogin === true ) );
- $template->set( 'stickHTTPS', (int)$this->mStickHTTPS );
if ( $this->mType === 'signup' && $user->isLoggedIn() ) {
$template->set( 'createAnother', true );
diff --git a/includes/templates/Userlogin.php b/includes/templates/Userlogin.php
index 46a0235..2903d29 100644
--- a/includes/templates/Userlogin.php
+++ b/includes/templates/Userlogin.php
@@ -170,7 +170,6 @@
<?php } ?>
<?php if ( $this->haveData( 'uselang' ) ) { ?><input type="hidden"
name="uselang" value="<?php $this->text( 'uselang' ); ?>" /><?php } ?>
<?php if ( $this->haveData( 'token' ) ) { ?><input type="hidden"
name="wpLoginToken" value="<?php $this->text( 'token' ); ?>" /><?php } ?>
-<?php if ( $this->data['cansecurelogin'] ) {?><input type="hidden"
name="wpStickHTTPS" value="<?php $this->text( 'stickHTTPS' ); ?>" /><?php } ?>
</form>
</div>
</div>
--
To view, visit https://gerrit.wikimedia.org/r/80334
Gerrit-MessageType: newchange
Gerrit-Change-Id: I08f67b35f355ef193ae86cb9cca3799e247ead4e
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: CSteipp <[email protected]>