r76078 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r76077‎ | r76078 | r76079 >
Date:11:47, 5 November 2010
Author:catrope
Status:reverted
Tags:
Comment:
1.16wmf4: MFT r76077
Modified paths:
  • /branches/wmf/1.16wmf4/includes/api/ApiLogin.php (modified) (history)

Diff [purge]

Index: branches/wmf/1.16wmf4/includes/api/ApiLogin.php
@@ -85,7 +85,6 @@
8686 $result['lgusername'] = $wgUser->getName();
8787 $result['lgtoken'] = $wgUser->getToken();
8888 $result['cookieprefix'] = $wgCookiePrefix;
89 - $result['sessionid'] = session_id();
9089 break;
9190
9291 case LoginForm::NEED_TOKEN:
@@ -93,7 +92,6 @@
9493 $result['result'] = 'NeedToken';
9594 $result['token'] = $loginForm->getLoginToken();
9695 $result['cookieprefix'] = $wgCookiePrefix;
97 - $result['sessionid'] = session_id();
9896 break;
9997
10098 case LoginForm::WRONG_TOKEN:
Property changes on: branches/wmf/1.16wmf4/includes/api/ApiLogin.php
___________________________________________________________________
Modified: svn:mergeinfo
10199 Merged /trunk/phase3/includes/api/ApiLogin.php:r76077

Follow-up revisions

RevisionCommit summaryAuthorDate
r760811.16wmf4: Revert r76078: was a merge of r76077 which was revertedcatrope11:59, 5 November 2010

Past revisions this follows-up on

RevisionCommit summaryAuthorDate
r76077(bug 25793) Don't output the session ID over HTTP, allows session hijacking b...catrope11:42, 5 November 2010

Status & tagging log