https://bugzilla.wikimedia.org/show_bug.cgi?id=26538

           Summary: Login limit
           Product: MediaWiki
           Version: wikimedia-deployment
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: Normal
         Component: API
        AssignedTo: roan.katt...@gmail.com
        ReportedBy: m8r-udf...@mailinator.com
                CC: bryan.tongm...@gmail.com, s...@reedyboy.net,
                    vasi...@gmail.com, soxre...@gmail.com


For the API Login, it would be nice if there was a modifiable session time
limit.

For example, a parameter lgsessionlimit=300

would mean that the sessionid would be valid for only 700 minutes (seconds
would be silly). 

This would be primarily a security enhancement and make session hijacking more
difficult if a bot op forgot (or couldn't) logout.

-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

Reply via email to