These response values, deprecated in December 2015, will no longer be returned in the response to action=login. This change should be deployed to WMF wikis with 1.28.0-wmf.13, see https://www.mediawiki.org/wiki/MediaWiki_1.28/Roadmap for the schedule.
Note that the lgtoken *parameter* to action=login is not removed, nor is the 'token' response value included along with a NeedToken response. This is expected to have a low client impact, since proper handling of the Set-Cookie headers (rather than manually building cookies using these response values) has been effectively required for some time now. The original deprecation announcement is quoted below: On Tue, Dec 15, 2015 at 11:11 AM, Brad Jorsch (Anomie) < bjor...@wikimedia.org> wrote: > Long ago, the only mechanism for session management in MediaWiki was > certain cookies set by the User class. When ApiLogin was written, in > addition to setting these cookies as usual it also returned some of the > values needed to construct these cookies on the client. Presumably this was > to make things easier for clients that somehow couldn't handle the standard > cookie headers. > > Then CentralAuth came along. Now, constructing the cookies manually would > log you in to the local wiki only, without taking advantage of the SUL > mechanism. > > Then T55032[1] happened, and clients that were using the > manual-construction mechanism had to update their code because one of the > cookie names changed and that wasn't part of the data being returned. > > And soon, we'll have SessionManager and AuthManager, which will make it > possible for login to easily happen in ways that don't involve cookies at > all. > > So it's time to eliminate the pretense that clients can manually construct > the cookies instead of handing the standard HTTP cookie headers. Tentative > plan is to deprecate them now and then remove them sometime during 1.28; if > anyone objects to this schedule, please raise your concerns in > https://phabricator.wikimedia.org/T121527. > > > [1]: https://phabricator.wikimedia.org/T55032 > > -- > Brad Jorsch (Anomie) > Senior Software Engineer > Wikimedia Foundation > -- Brad Jorsch (Anomie) Senior Software Engineer Wikimedia Foundation
_______________________________________________ Mediawiki-api-announce mailing list mediawiki-api-annou...@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-api-announce
_______________________________________________ Mediawiki-api mailing list Mediawiki-api@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-api
