On Sun, Jan 29, 2012 at 4:17 PM, Tom <[email protected]> wrote: > Flushing cache with CRTL F5. IE9 still shows just login. If it was a > cache page I would expect to see username, etc. > > Logged in appearance is the ability to edit pages. Anonymous users are > denied edit privileges. What concerns me more, if an edit is done, ip > address shows as editor in page history. > > CTRL F5 in Chrome shows username and logged in. Edit shows username. > > It is like you are 1/2 logged in. You are a valid token for a user, but > can't determine which so it falls back on ip address instead. > > Huge security hole, public computer. If a user logs out it is fine. The > token is broken. But if they just close browser, and someone reopened to > same wiki, you have edit privileges. Unless it is my host and I have to > force a new session somehow. > > > Tom > Sent from my iPhone > > On Jan 29, 2012, at 3:45 PM, Platonides <[email protected]> wrote: > > > On 29/01/12 19:48, Tom wrote: > >> Was this fixed or written about somewhere.? 16.0 having cookie issues. > >> > >> IE 9 is holding partial session cookie. If I login in IE 9 then close > the browser, > >> then reopen browser mediawiki sees a partial cookie. I appear to be > logged in, can edit, > >> yet ip is logged not username. The top right user menu just shows log > in. When I move > >> to different pages, ip shows, edit is available, login link still > showing. > > > > If the top right menu is asking you to log in (whether it shows your ip > or not, that bit doesn't matter), what makes you "appear to be logged in"? > > Is it that the first page after reopening the browser is showing your > username there? That page could have been retrieved from the cache, instead > of the new (the problem wouldn't be cookies but cache serving stale pages). > > > > > > > > _______________________________________________ > > MediaWiki-l mailing list > > [email protected] > > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > > _______________________________________________ > MediaWiki-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l >
Reads like these discussions, http://lists.wikimedia.org/pipermail/mediawiki-l/2011-October/038035.html http://lists.wikimedia.org/pipermail/mediawiki-l/2011-November/038160.html and this bug, https://bugzilla.wikimedia.org/show_bug.cgi?id=32122 _______________________________________________ MediaWiki-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
