As of Monday, img_auth no longer works because (guessing) when img_auth
checks for user rights via:
$title->userCanRead()
The "user" is always anonymous ("not logged in").
Is it possible that webstart.php used to automatically "log in" the user and
make available groups via:
$user->getEffectiveGroups()
But in recent updates, this no longer occurs?
Questions:
1) How would I get it to log in users?
2) Would this present a possible xss issue?
3) Was this inadvertant and can it be safely reversed?
Thanks!
jdpond