Use the user pref instead of the login form checkbox for setting up
cookie security on login.
The preferences menu is still broken (it always shows as checked, even if
the preference has been turned off), but this change logs the user in
(over https) and then redirects them back to http if they have chosen
not to use https. Likewise, if they have the default preference to use
https, they get the forceHTTPS cookie and their other cookies are set as secure.
Change-Id: I08f67b35f355ef193ae86cb9cca3799e247ead4e
*/
$wgSecureLogin = false;
*/
$wgSecureLogin = false;
-/**
- * By default, keep users logged in via HTTPS when $wgSecureLogin is also
- * true. Users opt-out of HTTPS when they login by de-selecting the checkbox.
- * @since 1.21
- */
-$wgSecureLoginDefaultHTTPS = true;
-
/** @} */ # end user accounts }
/************************************************************************//**
/** @} */ # end user accounts }
/************************************************************************//**
- if ( $wgSecureLogin && $request->detectProtocol() === 'https' ) {
- $a['wpStickHTTPS'] = true;
- }
-
$returnto = wfArrayToCgi( $a );
if ( $this->loggedin ) {
$personal_urls['userpage'] = array(
$returnto = wfArrayToCgi( $a );
if ( $this->loggedin ) {
$personal_urls['userpage'] = array(
$this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
$this->mAction = $request->getVal( 'action' );
$this->mRemember = $request->getCheck( 'wpRemember' );
$this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
$this->mAction = $request->getVal( 'action' );
$this->mRemember = $request->getCheck( 'wpRemember' );
- $this->mStickHTTPS = $request->getBool( 'wpStickHTTPS' );
+ $this->mFromHTTP = $request->getBool( 'fromhttp', false );
+ $this->mStickHTTPS = ( !$this->mFromHTTP && $request->detectProtocol() === 'https' ) || $request->getBool( 'wpForceHttps', false );
$this->mLanguage = $request->getText( 'uselang' );
$this->mSkipCookieCheck = $request->getCheck( 'wpSkipCookieCheck' );
$this->mToken = ( $this->mType == 'signup' ) ? $request->getVal( 'wpCreateaccountToken' ) : $request->getVal( 'wpLoginToken' );
$this->mLanguage = $request->getText( 'uselang' );
$this->mSkipCookieCheck = $request->getCheck( 'wpSkipCookieCheck' );
$this->mToken = ( $this->mType == 'signup' ) ? $request->getVal( 'wpCreateaccountToken' ) : $request->getVal( 'wpLoginToken' );
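Review bot: The new `mStickHTTPS` assignment is decided entirely by request input, the `fromhttp` query flag and the `wpForceHttps` field, so whoever supplies the login URL or form values can influence whether the session is treated as staying on HTTPS. The commit message names the user preference as the authority, but no preference lookup is visible in this hunk; if it is applied later when the cookies are set, it should take precedence over both parameters, and a comment here such as `// Request hint only; the user's HTTPS preference is applied after authentication` would make that explicit. The same consideration covers `wfAppendQuery( $url, 'fromhttp=1' )` in the redirect hunk and the hidden `wpForceHttps` input in the template, which round-trips the server-computed value through the client. The expression is also long enough that splitting it into two named booleans would make the `&&`/`||` precedence easier to audit. The enclosing method starts and ends outside the hunk.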
$query = array(
'returnto' => $this->mReturnTo,
'returntoquery' => $this->mReturnToQuery,
$query = array(
'returnto' => $this->mReturnTo,
'returntoquery' => $this->mReturnToQuery,
- 'wpStickHTTPS' => $this->mStickHTTPS
);
$url = $title->getFullURL( $query, false, PROTO_HTTPS );
if ( $wgSecureLogin && wfCanIPUseHTTPS( $this->getRequest()->getIP() ) ) {
);
$url = $title->getFullURL( $query, false, PROTO_HTTPS );
if ( $wgSecureLogin && wfCanIPUseHTTPS( $this->getRequest()->getIP() ) ) {
+ $url = wfAppendQuery( $url, 'fromhttp=1' );
$this->getOutput()->redirect( $url );
return;
} else {
$this->getOutput()->redirect( $url );
return;
} else {
global $wgEnableEmail, $wgEnableUserEmail;
global $wgHiddenPrefs, $wgLoginLanguageSelector;
global $wgAuth, $wgEmailConfirmToEdit, $wgCookieExpiration;
global $wgEnableEmail, $wgEnableUserEmail;
global $wgHiddenPrefs, $wgLoginLanguageSelector;
global $wgAuth, $wgEmailConfirmToEdit, $wgCookieExpiration;
- global $wgSecureLogin, $wgSecureLoginDefaultHTTPS, $wgPasswordResetRoutes;
+ global $wgSecureLogin, $wgPasswordResetRoutes;
$titleObj = $this->getTitle();
$user = $this->getUser();
$titleObj = $this->getTitle();
$user = $this->getUser();
$template->set( 'link', '' );
}
$template->set( 'link', '' );
}
- // Decide if we default stickHTTPS on
- if ( $wgSecureLoginDefaultHTTPS
- && $this->mAction != 'submitlogin'
- && !$this->mLoginattempt
- && wfCanIPUseHTTPS( $this->getRequest()->getIP() ) )
- {
- $this->mStickHTTPS = true;
- }
-
$resetLink = $this->mType == 'signup'
? null
: is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );
$resetLink = $this->mType == 'signup'
? null
: is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );
$template->set( 'usereason', $user->isLoggedIn() );
$template->set( 'remember', $user->getOption( 'rememberpassword' ) || $this->mRemember );
$template->set( 'cansecurelogin', ( $wgSecureLogin === true ) );
$template->set( 'usereason', $user->isLoggedIn() );
$template->set( 'remember', $user->getOption( 'rememberpassword' ) || $this->mRemember );
$template->set( 'cansecurelogin', ( $wgSecureLogin === true ) );
- $template->set( 'stickHTTPS', (int)$this->mStickHTTPS );
+ $template->set( 'stickhttps', (int) $this->mStickHTTPS );
if ( $this->mType === 'signup' && $user->isLoggedIn() ) {
$template->set( 'createAnother', true );
if ( $this->mType === 'signup' && $user->isLoggedIn() ) {
$template->set( 'createAnother', true );
<?php } ?>
<?php if ( $this->haveData( 'uselang' ) ) { ?><input type="hidden" name="uselang" value="<?php $this->text( 'uselang' ); ?>" /><?php } ?>
<?php if ( $this->haveData( 'token' ) ) { ?><input type="hidden" name="wpLoginToken" value="<?php $this->text( 'token' ); ?>" /><?php } ?>
<?php } ?>
<?php if ( $this->haveData( 'uselang' ) ) { ?><input type="hidden" name="uselang" value="<?php $this->text( 'uselang' ); ?>" /><?php } ?>
<?php if ( $this->haveData( 'token' ) ) { ?><input type="hidden" name="wpLoginToken" value="<?php $this->text( 'token' ); ?>" /><?php } ?>
-<?php if ( $this->data['cansecurelogin'] ) {?><input type="hidden" name="wpStickHTTPS" value="<?php $this->text( 'stickHTTPS' ); ?>" /><?php } ?>
+<?php if ( $this->data['cansecurelogin'] ) {?><input type="hidden" name="wpForceHttps" value="<?php $this->text( 'stickhttps' ); ?>" /><?php } ?>