Am 10.03.2014 16:54, schrieb Chris Steipp: >> 1) catch the click on the "Login" link to show a banner first to ask for >> the users consent, on acceptance forward the user to the login page >> >> 2) modify the login process to set the cookie after the actual login and >> put an additional text on the login page like "by logging in I accept >> the usage of cookies by this website"
> The cookie on the login page is for the anti-csrf (and captcha if needed) > validation, so getting rid of it would be problematic from a technical > perspective (or would require a second click on the login page). Thanks Chris for this comment. So that leaves us with option 1) - a javascript banner. I think that shouldn't be too hard to implement. A <div> which hovers over the Wiki page, the text, two buttons [accept] / [leave]. Accept points to Special:Userlogin, leave just closes the banner. A javascript that shows this <div> onclick() on the Login link, if no cookie has already been set by the Wiki. Maybe even a LocalSettings.php variable $wgApproveCookies = true; that is true by default and allows admins of internal company wikis etc. to disable that banner. As an option we could even add another setting $wgApproveCookiesAlways, which makes the same <div> to show up as soon as a user enters the wiki. That way we can support admins that have further extensions installed in their wiki which add cookies right away - like Google Analytics. /Manuel -- Wikimedia CH - Verein zur Förderung Freien Wissens Lausanne, +41 (21) 34066-22 - www.wikimedia.ch _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
