dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Check that empty content is valid only on handlers that allow direct editing.
[lhc/web/wiklou.git] / includes / DefaultSettings.php
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index a1a4067..c483366 100644 (file)
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -5989,7 +5989,10 @@ $wgSessionName = false;
 
 /**
  * Whether to set a cookie when a user is autoblocked. Doing so means that a blocked user, even
- * after logging out and moving to a new IP address, will still be blocked.
+ * after logging out and moving to a new IP address, will still be blocked. This cookie will contain
+ * an authentication code if $wgSecretKey is set, or otherwise will just be the block ID (in
+ * which case there is a possibility of an attacker discovering the names of revdeleted users, so
+ * it is best to use this in conjunction with $wgSecretKey being set).
  */
 $wgCookieSetOnAutoblock = false;
 
Wiklou, le Wiki du Wiklou