git.heureux-cyclage.org - lhc/web/wiklou.git/commit

author	Tyler Anthony Romeo <tylerromeo@gmail.com>
	Thu, 7 Feb 2013 21:56:54 +0000 (16:56 -0500)
committer	Kaldari <rkaldari@wikimedia.org>
	Wed, 16 Nov 2016 18:29:46 +0000 (10:29 -0800)
commit	1cc3a57296ffa6688d62362b45f71bcbd6be78f2
tree	208f288ec8b42f25e37df48bc4cb6e5a2af22eba	tree \| snapshot
parent	ea42d90053b36cef47f318a1d50c18dfafc6b7b8	commit \| diff

Send a cookie with autoblocks to prevent vandalism.

Send a cookie with blocks that have autoblock turned on so that
the user will be identified to MediaWiki and any IP they try
to edit anonymously from will be blocked, even without logging
in to the originally blocked account. Additionally, the block
info is stored in local storage as well as an even stronger
deterrence.

Note: this is meant to deter normal vandals, i.e., not attackers
who know what cookies and local storage are and will be actively
removing the cookie.

This feature is disabled by default, and can be enabled with the
new $wgCookieSetOnAutoblock configuration variable (by setting
it to true);

The cookie will expire at the same time as the block or after
$wgCookieExpiration (whichever is sooner).

Bug: T5233
Bug: T147610
Change-Id: Ic3383af56c555c1592d272490ff4da683b9d7b1b

RELEASE-NOTES-1.28		diff \| blob \| history
includes/Block.php		diff \| blob \| history
includes/DefaultSettings.php		diff \| blob \| history
includes/EditPage.php		diff \| blob \| history
includes/user/User.php		diff \| blob \| history
resources/Resources.php		diff \| blob \| history
resources/src/mediawiki/mediawiki.user.blockcookie.js	[new file with mode: 0644]	blob
tests/phpunit/includes/user/UserTest.php		diff \| blob \| history