Am 10.03.2014 17:01 schrieb "Manuel Schneider" < [email protected]>: > > Am 10.03.2014 16:54, schrieb Chris Steipp: > >> 1) catch the click on the "Login" link to show a banner first to ask for > >> the users consent, on acceptance forward the user to the login page > >> > >> 2) modify the login process to set the cookie after the actual login and > >> put an additional text on the login page like "by logging in I accept > >> the usage of cookies by this website" > > > The cookie on the login page is for the anti-csrf (and captcha if needed) > > validation, so getting rid of it would be problematic from a technical > > perspective (or would require a second click on the login page). > > Thanks Chris for this comment. > > So that leaves us with option 1) - a javascript banner. I think that > shouldn't be too hard to implement. > > A <div> which hovers over the Wiki page, the text, two buttons [accept] > / [leave]. Accept points to Special:Userlogin, leave just closes the banner. > A javascript that shows this <div> onclick() on the Login link, if no > cookie has already been set by the Wiki. > > Maybe even a LocalSettings.php variable $wgApproveCookies = true; that > is true by default and allows admins of internal company wikis etc. to > disable that banner. > > As an option we could even add another setting $wgApproveCookiesAlways, > which makes the same <div> to show up as soon as a user enters the wiki. > That way we can support admins that have further extensions installed in > their wiki which add cookies right away - like Google Analytics. >
Is there any technical argument against this proposal? Rupert _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
