Merge "Disable automatic cache headers associated with starting a session"

diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php
index 4066945..66201b5 100644 (file)
--- a/includes/GlobalFunctions.php
+++ b/includes/GlobalFunctions.php
@@ -3082,7 +3082,6 @@ function wfSetupSession( $sessionId = false ) {
        if ( session_id() !== $session->getId() ) {
                session_id( $session->getId() );
        }
-       MediaWiki\quietCall( 'session_cache_limiter', 'private, must-revalidate' );
        MediaWiki\quietCall( 'session_start' );
 }
 

diff --git a/includes/Setup.php b/includes/Setup.php
index 6c85638..ba3d628 100644 (file)
--- a/includes/Setup.php
+++ b/includes/Setup.php
@@ -738,7 +738,6 @@ if ( !defined( 'MW_NO_SESSION' ) && !$wgCommandLineMode ) {
        ) {
                // Start the PHP-session for backwards compatibility
                session_id( $session->getId() );
-               MediaWiki\quietCall( 'session_cache_limiter', 'private, must-revalidate' );
                MediaWiki\quietCall( 'session_start' );
        }
 }

diff --git a/includes/context/RequestContext.php b/includes/context/RequestContext.php
index 73e11b5..8056b4d 100644 (file)
--- a/includes/context/RequestContext.php
+++ b/includes/context/RequestContext.php
@@ -595,7 +595,6 @@ class RequestContext implements IContextSource, MutableContext {
                        $wgUser = $context->getUser(); // b/c
                        if ( $session && MediaWiki\Session\PHPSessionHandler::isEnabled() ) {
                                session_id( $session->getId() );
-                               MediaWiki\quietCall( 'session_cache_limiter', 'private, must-revalidate' );
                                MediaWiki\quietCall( 'session_start' );
                        }
                        $request = new FauxRequest( array(), false, $session );

diff --git a/includes/session/PHPSessionHandler.php b/includes/session/PHPSessionHandler.php
index d21bea9..4dea274 100644 (file)
--- a/includes/session/PHPSessionHandler.php
+++ b/includes/session/PHPSessionHandler.php
@@ -123,6 +123,12 @@ class PHPSessionHandler {
                ini_set( 'session.use_cookies', 0 );
                ini_set( 'session.use_trans_sid', 0 );
 
+               // T124510: Disable automatic PHP session related cache headers.
+               // MediaWiki adds it's own headers and the default PHP behavior may
+               // set headers such as 'Pragma: no-cache' that cause problems with
+               // some user agents.
+               session_cache_limiter( '' );
+
                // Also set a sane serialization handler
                \Wikimedia\PhpSessionSerializer::setSerializeHandler();
 

diff --git a/includes/session/SessionBackend.php b/includes/session/SessionBackend.php
index 488f6e7..2bff173 100644 (file)
--- a/includes/session/SessionBackend.php
+++ b/includes/session/SessionBackend.php
@@ -646,7 +646,6 @@ final class SessionBackend {
                        ) {
                                $this->logger->debug( "SessionBackend $this->id: Taking over PHP session" );
                                session_id( (string)$this->id );
-                               \MediaWiki\quietCall( 'session_cache_limiter', 'private, must-revalidate' );
                                \MediaWiki\quietCall( 'session_start' );
                        }
                }