Page MenuHomePhabricator

Tune cookie behaviors for 'phcid', 'phreg', etc
ClosedPublic

Authored by epriestley on Mar 14 2014, 7:46 PM.
Tags
None
Referenced Files
F15504232: D8537.id.diff
Mon, Apr 14, 4:54 PM
F15503723: D8537.id20264.diff
Mon, Apr 14, 12:33 PM
F15503551: D8537.id20258.diff
Mon, Apr 14, 10:42 AM
F15502325: D8537.diff
Sun, Apr 13, 11:49 PM
F15424476: D8537.id.diff
Mar 22 2025, 10:34 PM
F15390113: D8537.id20258.diff
Mar 15 2025, 5:55 AM
F15337568: D8537.diff
Mar 9 2025, 6:31 AM
F15309171: D8537.id20258.diff
Mar 6 2025, 6:58 AM
Subscribers

Details

Summary

Fixes T3471. Specific issues:

  • Add the ability to set a temporary cookie (expires when the browser closes).
  • We overwrote 'phcid' on every page load. This creates some issues with browser extensions. Instead, only write it if isn't set. To counterbalance this, make it temporary.
  • Make the 'next_uri' cookie temporary.
  • Make the 'phreg' cookie temporary.
  • Fix an issue where deleted cookies would persist after 302 (?) in some cases (this is/was 100% for me locally).
Test Plan
  • Closed my browser, reopned it, verified temporary cookies were gone.
  • Logged in, authed, linked, logged out.

Diff Detail

Repository
rP Phabricator
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

epriestley retitled this revision from to Tune cookie behaviors for 'phcid', 'phreg', etc.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
btrahan edited edge metadata.

First I can't have $_GET / $_POST parameters called 'code', and now I can't have $_COOKIE values of 'deleted' ?

Macro suchwow: much sparta such writ

This revision is now accepted and ready to land.Mar 14 2014, 8:06 PM

Yeah, this technically burns users with the username deleted, since it won't prefill in the "Username: ..." field anymore.

We could put some kind of escaping on that cookie if anyone ever complains.

epriestley updated this revision to Diff 20264.

Closed by commit rP559c0fe88663 (authored by @epriestley).