Login check without javascript broken
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• csteipp
	Jul 31 2013, 9:37 PM

Description

Without javascript, the central login check is failing to run correctly.

Local wiki writes an image call that looks something like title=Special:CentralAutoLogin/start&type=1x1&from=enwiki

However, CentralAutoLogin checks for

} elseif( $request->getVal( 'from' ) === wfWikiId() && $wgCentralAuthLoginWiki !== wfWikiId() ) {

Which is true in this case, and so the browser is redirected to the central wiki, to Special:CentralAutoLogin/start, which fails.

The pure javascript version of the check makes a call to:

index.php?title=Special:CentralAutoLogin/start&type=script

So the code above doesn't evaluate true, and everything works.

Version: unspecified
Severity: major

Details

Reference: bz52356

Event Timeline

• bzimport raised the priority of this task from to Needs Triage.Nov 22 2014, 2:09 AM

• bzimport added a project: MediaWiki-extensions-CentralAuth.

• bzimport set Reference to bz52356.

• csteipp created this task.Jul 31 2013, 9:37 PM

Ah, I see what's happening there. It should fix it to simply remove the "from" parameter from that particular URL; I'll test that and put the patch in Gerrit if it works.

Change 77117 had a related patch set uploaded by Anomie:
Fix non-JS login check

https://gerrit.wikimedia.org/r/77117

Change 77117 merged by jenkins-bot:
Fix non-JS login check

https://gerrit.wikimedia.org/r/77117

(In reply to comment #3)

https://gerrit.wikimedia.org/r/77117

Patch merged on 2013-08-01. Closing as FIXED, but please reopen if more work is needed (and elaborate).

MarcoAurelio moved this task from Backlog to Done on the MediaWiki-extensions-CentralAuth board.May 5 2015, 5:59 PM

Aklapper removed subscribers: Anomie, • werdna.Oct 16 2020, 5:40 PM

Login check without javascript brokenClosed, ResolvedPublicActions

Description

Details

Event Timeline

Login check without javascript broken
Closed, ResolvedPublic
Actions