Enforce load.php's no-session constraint

Attempts to use session data via this endpoint will now cause exceptions
to be thrown.

Bug: T127233
Change-Id: Id83eda9564314bb4e11368aa395127f349b2cff4

diff --git a/load.php b/load.php
index 2b97f7a..c832237 100644 (file)
--- a/load.php
+++ b/load.php
@@ -25,9 +25,8 @@
 use MediaWiki\Logger\LoggerFactory;
 
 // This endpoint is supposed to be independent of request cookies and other
-// details of the session. Log warnings for violations of the no-session
-// constraint.
-define( 'MW_NO_SESSION', 'warn' );
+// details of the session. Enforce this constraint with respect to session use.
+define( 'MW_NO_SESSION', 1 );
 
 require __DIR__ . '/includes/WebStart.php';