dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
b200ac0
)
(bug 25793) Don't output the session ID over HTTP, allows session hijacking because...
author
Roan Kattouw
<catrope@users.mediawiki.org>
Fri, 5 Nov 2010 11:42:41 +0000
(11:42 +0000)
committer
Roan Kattouw
<catrope@users.mediawiki.org>
Fri, 5 Nov 2010 11:42:41 +0000
(11:42 +0000)
includes/api/ApiLogin.php
patch
|
blob
|
history
diff --git
a/includes/api/ApiLogin.php
b/includes/api/ApiLogin.php
index
987d046
..
2542306
100644
(file)
--- a/
includes/api/ApiLogin.php
+++ b/
includes/api/ApiLogin.php
@@
-87,14
+87,12
@@
class ApiLogin extends ApiBase {
$result['lgusername'] = $wgUser->getName();
$result['lgtoken'] = $wgUser->getToken();
$result['cookieprefix'] = $wgCookiePrefix;
- $result['sessionid'] = session_id();
break;
case LoginForm::NEED_TOKEN:
$result['result'] = 'NeedToken';
$result['token'] = $loginForm->getLoginToken();
$result['cookieprefix'] = $wgCookiePrefix;
- $result['sessionid'] = session_id();
break;
case LoginForm::WRONG_TOKEN: