This security upgrade has caused issue with my application:
The Bugzilla page indicates that the cookie is returned with the first login request. I never used/stored this HTTP cookie, but instead built the cookie using the "enwiki_session=","enwikiUserID=", and other response fields.
These fields are no longer present in the first HTTP response (or the second -- which fails due to lack of cookie). Is this functionality we should expect to return?
Thanks, -AW