https://bugzilla.wikimedia.org/show_bug.cgi?id=37643
Web browser: ---
Bug #: 37643
Summary: Session may not be started for non-logged-in API
edits, causing captcha to fail
Product: MediaWiki extensions
Version: master
Platform: All
OS/Version: All
Status: NEW
Keywords: patch, patch-need-review
Severity: normal
Priority: Unprioritized
Component: ConfirmEdit (CAPTCHA extension)
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
Mobile Platform: ---
This extension may use the session to store the captcha data, but does not
ensure that the session has actually been started. Setup.php will normally take
care of this, because in most cases the user will be logged in or at least have
done other things that would cause the session cookie to be set.
But if the edit is being performed by a non-logged-in user who hasn't gotten a
session cookie yet, Setup.php will not start the session. The captcha data will
thus never be saved, so the user cannot ever pass the captcha.
Gerrit changeset coming shortly.
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
