https://bugzilla.wikimedia.org/show_bug.cgi?id=42832
Web browser: ---
Bug ID: 42832
Summary: Can't return to http after login with $wgSecurelogin
Product: MediaWiki
Version: 1.21-git
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: User login
Assignee: [email protected]
Reporter: [email protected]
Classification: Unclassified
Mobile Platform: ---
When $wgSecurelogin is true, the login has the checkbox "Stay connected to
HTTPS after login".
If this option is left unchecked, the user's session cookie is set with the
secure flag, but the user is then forwarded to http, and loose their session.
If you have not patched bug 40995, then you will often not see this, since the
session frequently will be started under an insecure connection, and is not
refreshed on login.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
