https://bugzilla.wikimedia.org/show_bug.cgi?id=20251
--- Comment #8 from Roan Kattouw <roan.katt...@gmail.com> 2009-08-23 10:51:44 UTC --- (In reply to comment #6) > Correcting summary. They can be added to the explicit autologin list, but I > don't really want like 20 rarely-used specialty wikis slowing down every > user's > logins. The cross-domain cookies are just extra sugar, anyway for now... > There's not that many non-private *.wikimedia.org wikis, only like 7 or so. That'd still double the number of images, of course. > Roan, I'm not sure I understand what bug 20298 actually accomplishes. My > impression is that it basically would allow the same thing that the > <img>-to-set-a-cookie already does, but you could do it by XHR instead of an > <img> (only supporting browsers) and it might or might not override users' > settings on cross-domain cookie setting. > > As I understand, it would still require a hit per site to set the cookies, and > wouldn't get past our need to limit access to only certain *.wikimedia.org > subdomains. > You're right, I misunderstood what it did. For some reason, undoubtedly influenced by wishful thinking, I was under the impression that it'd allow cookies to go cross-domain (e.g. from *.wikipedia.org to usability.wikimedia.org ) if both domains allowed it. This isn't possible (yet?). Another possible solution using cross-domain AJAX the way it actually works would be to have wikis that aren't on the *.wikipedia.org domain to grab http://en.wikipedia.org/w/api.php?action=query&meta=userinfo , which is passed the user's *.wikipedia.org cookie (because of the Access-Control-Allow-Credentials: true header) and returns whether and as whom the user is logged in at enwiki. There may be some security implications here, so it may be desirable to introduce a new API module for this, but the basic idea sounds like it could work. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
