Create an option to have the stickHTTPS checkbox set for all users.
When this option, $wgSecureLoginDefaultHTTPS, is true, all logged in
users will be default have their session stay in HTTPS, unless they
uncheck the box to return to the insecure option.
Change-Id: Ie846d2dc3ac5ea43bd76caa2f0eb5dbd65dbf181
*/
$wgSecureLogin = false;
*/
$wgSecureLogin = false;
+/**
+ * By default, keep users logged in via HTTPS when $wgSecureLogin is also
+ * true. Users opt-out of HTTPS when they login by de-selecting the checkbox.
+ * @since 1.21
+ */
+$wgSecureLoginDefaultHTTPS = true;
+
/** @} */ # end user accounts }
/************************************************************************//**
/** @} */ # end user accounts }
/************************************************************************//**
global $wgEnableEmail, $wgEnableUserEmail;
global $wgHiddenPrefs, $wgLoginLanguageSelector;
global $wgAuth, $wgEmailConfirmToEdit, $wgCookieExpiration;
global $wgEnableEmail, $wgEnableUserEmail;
global $wgHiddenPrefs, $wgLoginLanguageSelector;
global $wgAuth, $wgEmailConfirmToEdit, $wgCookieExpiration;
- global $wgSecureLogin, $wgPasswordResetRoutes;
+ global $wgSecureLogin, $wgSecureLoginDefaultHTTPS, $wgPasswordResetRoutes;
$titleObj = $this->getTitle();
$user = $this->getUser();
$titleObj = $this->getTitle();
$user = $this->getUser();
$template->set( 'link', '' );
}
$template->set( 'link', '' );
}
+ // Decide if we default stickHTTPS on
+ if ( $wgSecureLoginDefaultHTTPS && $this->mAction != 'submitlogin' && !$this->mLoginattempt ) {
+ $this->mStickHTTPS = true;
+ }
+
$resetLink = $this->mType == 'signup'
? null
: is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );
$resetLink = $this->mType == 'signup'
? null
: is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );