From cf97870c220c555b952a2c45f3f1159f5c05e121 Mon Sep 17 00:00:00 2001
From: Alexandre Emsenhuber <ialex.wiki@gmail.com>
Date: Fri, 22 Nov 2013 10:32:18 +0100
Subject: [PATCH] Fix login with temporary password with $wgSecureLogin = true

The problem is that FauxRequest sets the protocol to http by default,
thus triggering the redirect when executing Special:UserLogin in the
background to log the user in after having reset his password.

DerivativeRequest is now used instead of FauxRequest so that the
protocol is correctly forwarded, and the redirect will not be
triggered.

Bug: 57289
Change-Id: I252351ff7d446283c9d1ab5f79b5cdbce71b76e0
---
 includes/specials/SpecialChangePassword.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php
index 8b96e6c1d5..43a4d2cd7a 100644
--- a/includes/specials/SpecialChangePassword.php
+++ b/includes/specials/SpecialChangePassword.php
@@ -99,7 +99,7 @@ class SpecialChangePassword extends UnlistedSpecialPage {
 						'wpLoginToken' => $token,
 						'wpPassword' => $request->getVal( 'wpNewPassword' ),
 					) + $request->getValues( 'wpRemember', 'returnto', 'returntoquery' );
-					$login = new LoginForm( new FauxRequest( $data, true ) );
+					$login = new LoginForm( new DerivativeRequest( $request, $data, true ) );
 					$login->setContext( $this->getContext() );
 					$login->execute( null );
 				}
-- 
2.20.1