Cookie expiration time was increased to 180 day in
7d7ebfc to make
logins last longer. Since
16cea35 made login cookie length separately
configurable, this setting does not make much sense anymore and should
be restored to a more privacy-friendly default.
Change-Id: Ia2d200a20c4954fa7cd50197f44471e98061a425
production.
=== Configuration changes in 1.29 ===
+* Default cookie expiration time has been reduced to 30 days. Login cookie expiration time is
+ kept at 180 days.
=== New features in 1.29 ===
/**
* Default cookie lifetime, in seconds. Setting to 0 makes all cookies session-only.
*/
-$wgCookieExpiration = 180 * 86400;
+$wgCookieExpiration = 30 * 86400;
/**
* Default login cookie lifetime, in seconds. Setting
* calculate the cookie lifetime. As with $wgCookieExpiration, 0 will make
* login cookies session-only.
*/
-$wgExtendedLoginCookieExpiration = null;
+$wgExtendedLoginCookieExpiration = 180 * 86400;
/**
* Set to set an explicit domain on the login cookies eg, "justthis.domain.org"