https://bugzilla.wikimedia.org/show_bug.cgi?id=55761
Web browser: ---
Bug ID: 55761
Summary: wgSecureLogin redirect to https drops campaign and
other URL parameters
Product: MediaWiki
Version: 1.22-git
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: User login and signup
Assignee: [email protected]
Reporter: [email protected]
CC: [email protected]
Classification: Unclassified
Mobile Platform: ---
Now that $wgSecureLogin defaults to true for most WMF wikis,
Special:UserLogin/signup redirects account creation to https. When it does so
it drops all URL parameters to signup apart from returnto and returntoquery.
As a result, we're losing campaign information, and other control over login
such as &showGettingStarted=false.
To reproduce:
Browse enwiki over http, visit a random page, click Edit, if the yellowish "You
are not logged in...." anoneditwarning bar appears, then note the http: link
for " or create an account" contains &campaign=anoneditwarning"
But when you click it, you are redirected to
https://en.wikipedia.org/w/index.php?title=Special:UserLogin/signup&returnto=Ectoedemia_sabina&returntoquery=&fromhttp=1
with no campaign parameter.
One fix is to test for campaign and add it back to the $query, in the execute()
function in includes/specials/SpecialUserlogin.php. Or, include all query
string parameters in the redirect URL.
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
