What would be the ill effects of disabling cookie check? Like this: $wgDisableCookieCheck = true;
It seem I'll have to do this on a special scenario. We need to provide a way to open a specific wiki page from a desktop application (context-sensitive help on the wiki). We also need to authenticate the desktop user on the wiki.
What we're doing now is to redirect to an auxiliary web page that in background fakes a post to Special:Userlogin and outputs the HTML returned by the login form.
This trickery works well, with the exception that apparently the login cookie is not set, or is set on a different context. Anyway, in function processLogin(), hasSessionCookie() returns false and this causes a redirect to the home page of the wiki.
We're circumventing it by disabling cookie check.
The end result is that the user is authenticated, his user name appears on the wiki, and everything seems to work well.
But I wonder if there is any side effect of not having the cookie set.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Fernando Correia wrote:
What would be the ill effects of disabling cookie check? Like this: $wgDisableCookieCheck = true;
Logins for users with cookies disabled may have a slightly more confusing result (eg, the error message isn't as clear).
- -- brion vibber (brion @ pobox.com / brion @ wikimedia.org)
mediawiki-l@lists.wikimedia.org