On 11/6/14 4:45 PM, Chris Steipp wrote:
For me, I like knowing that when I login on a random
wiki in our
cluster, a site admin can't have (maliciously or unintentionally) put
javascript on the login page to sniff my password. I'd prefer Kunal's
patch had a feature flag so we could disable this on WMF wikis, but
sites with robust auditing of their common.css can enable it.
I've amended <https://gerrit.wikimedia.org/r/#/c/165979/3> to be
controlled by a config setting.
-- Legoktm