So an update. I'm pretty sure I've worked this out. CentralAuth will only work if the user has previously visited the wiki project the login attempt is made for. Many browsers these days refuse cookies for sites the user has not visited. I'm still investigating but I'm pretty sure an image to a URL counts as a previous visit. On 28 Feb 2013 13:07, "Juliusz Gonera" jgonera@wikimedia.org wrote:
On 02/27/2013 05:13 PM, Paul Selitskas wrote:
Do you use the same protocol in Wikipedia and other projects? When I first log in via HTTPS and then somehow get to HTTP, I need to log in.
We use the same protocol. We enforce HTTPS after login, and later use protocol agnostic URLs.
-- Juliusz
______________________________**_________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/**mailman/listinfo/wikitech-lhttps://lists.wikimedia.org/mailman/listinfo/wikitech-l