From af5f850ec3087febcb6d74d48ddf3e8f6126698c Mon Sep 17 00:00:00 2001
From: Adam Roses Wight <awight@wikimedia.org>
Date: Mon, 11 Mar 2013 12:26:53 -0700
Subject: [PATCH] mediawiki.user: Use session ID instead of 1-year
 cross-session cookies

No cookies should be assigned for longer than session expiry.

Bug: 44327
Change-Id: If2f096dadb639769d859e1596d84b3ad5775a01d
---
 resources/mediawiki/mediawiki.user.js | 20 +++-----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/resources/mediawiki/mediawiki.user.js b/resources/mediawiki/mediawiki.user.js
index e036dc9b22..9fd2e5e459 100644
--- a/resources/mediawiki/mediawiki.user.js
+++ b/resources/mediawiki/mediawiki.user.js
@@ -141,30 +141,16 @@
 		};
 
 		/**
-		 * Gets the current user's name or a random ID automatically generated and kept in a cookie.
-		 *
-		 * This ID is persistent for anonymous users, staying in their browser up to 1 year. The
-		 * expiration time is reset each time the ID is queried, so in most cases this ID will
-		 * persist until the browser's cookies are cleared or the user doesn't visit for 1 year.
+		 * Gets the current user's name or the session ID
 		 *
 		 * @return {string} User name or random session ID
 		 */
 		this.id = function () {
-			var id,
-				name = user.getName();
+			var name = user.getName();
 			if ( name ) {
 				return name;
 			}
-			id = $.cookie( 'mediaWiki.user.id' );
-			if ( typeof id === 'undefined' || id === null ) {
-				id = user.generateRandomSessionId();
-			}
-			// Set cookie if not set, or renew it if already set
-			$.cookie( 'mediaWiki.user.id', id, {
-				expires: 365,
-				path: '/'
-			} );
-			return id;
+			return user.sessionId();
 		};
 
 		/**
-- 
2.20.1