aboutsummaryrefslogtreecommitdiffstats
path: root/includes/session
Commit message (Expand)AuthorAgeFilesLines
...
* SessionBackend: skip isUserSessionPrevented check for anonsOri Livneh2016-02-241-2/+3
* Revert "Log multiple IPs using the same session or the same user account"Ori Livneh2016-02-231-91/+0
* Merge "Enforce MW_NO_SESSION, add MW_NO_SESSION_HANDLER"jenkins-bot2016-02-222-0/+13
|\
| * Enforce MW_NO_SESSION, add MW_NO_SESSION_HANDLERBrad Jorsch2016-02-222-0/+13
* | Fix session store loggingBrad Jorsch2016-02-221-1/+0
|/
* Merge "SessionManager: Autocreate should use READ_LATEST when necessary"jenkins-bot2016-02-181-1/+3
|\
| * SessionManager: Autocreate should use READ_LATEST when necessaryBrad Jorsch2016-02-181-1/+3
* | Do not unauthenticate if autocreation fails due to a raceGergő Tisza2016-02-181-6/+15
|/
* Convert all array() syntax to []Kunal Mehta2016-02-179-187/+187
* Merge "CookieSessionProvider: It's persisted if we have a 'Token' cookie"jenkins-bot2016-02-162-3/+1
|\
| * CookieSessionProvider: It's persisted if we have a 'Token' cookieBrad Jorsch2016-02-162-3/+1
* | Session: Implement ArrayAccessBrad Jorsch2016-02-162-5/+44
|/
* Merge "Log multiple IPs using the same session or the same user account"jenkins-bot2016-02-121-0/+91
|\
| * Log multiple IPs using the same session or the same user accountGergő Tisza2016-02-111-0/+91
* | Merge "SessionProvider::mergeMetadata: Log additional data"jenkins-bot2016-02-113-4/+80
|\ \
| * | SessionProvider::mergeMetadata: Log additional dataBryan Davis2016-02-113-4/+80
| |/
* / Fix invalid key warning in CookieSessionProvider error handling codeGergő Tisza2016-02-111-6/+6
|/
* Merge "PHPSessionHandler: Implement SessionHandlerInterface"jenkins-bot2016-02-101-32/+4
|\
| * PHPSessionHandler: Implement SessionHandlerInterfaceBrad Jorsch2016-02-101-32/+4
* | Merge "Remove unused imports from Session classes"jenkins-bot2016-02-102-6/+0
|\ \
| * | Remove unused imports from Session classesThiemo Mättig2016-02-102-6/+0
| |/
* / Remove "$that" from SessionManagerBrad Jorsch2016-02-101-9/+6
|/
* Merge "Update session log messages"jenkins-bot2016-02-085-70/+239
|\
| * Update session log messagesBryan Davis2016-02-065-70/+239
* | Merge "Introduce User::INVALID_TOKEN"jenkins-bot2016-02-081-7/+0
|\ \ | |/ |/|
| * Introduce User::INVALID_TOKENBrad Jorsch2016-02-031-7/+0
* | Merge "Disable automatic cache headers associated with starting a session"jenkins-bot2016-02-042-1/+6
|\ \
| * | Disable automatic cache headers associated with starting a sessionBryan Davis2016-02-032-1/+6
| |/
* / Clean up after Ie161e0fBrad Jorsch2016-02-032-79/+28
|/
* Revert "Remove SessionManager, temporarily"Brad Jorsch2016-02-0314-0/+4491
* Remove SessionManager, temporarilyBrad Jorsch2016-02-0114-4491/+0
* SessionManager: Notify AuthPlugin before calling hooksBrad Jorsch2016-02-011-5/+5
* Close a loophole in CookieSessionProviderBrad Jorsch2016-01-311-11/+15
* SECURITY: Fix User::setToken() call on User::newSystemUserGergő Tisza2016-01-291-1/+1
* SessionManager: Don't save non-persisted sessions to backend storageBrad Jorsch2016-01-302-21/+75
* SessionManager: Save user name to metadata even if the user doesn't exist loc...Brad Jorsch2016-01-281-1/+1
* SessionManager: Don't generate user tokens when checking the tokensBrad Jorsch2016-01-283-4/+4
* Merge "Move CSRF token handling into MediaWiki\Session\Session"jenkins-bot2016-01-282-0/+177
|\
| * Move CSRF token handling into MediaWiki\Session\SessionBrad Jorsch2016-01-272-0/+177
* | SessionManager: Save 'persisted' flag in session metadataBrad Jorsch2016-01-272-0/+5
|/
* Avoid false "added in both Session and $_SESSION" when value is nullBrad Jorsch2016-01-261-2/+2
* Use $wgSecureCookie to decide whether to actually mark secure cookies as 'sec...Brad Jorsch2016-01-251-1/+4
* Call session_cache_limiter() before starting a sessionBryan Davis2016-01-251-0/+1
* SessionManager: Abstract forceHTTPS cookie settingBrad Jorsch2016-01-251-5/+24
* Move avoidance of setting deleted cookies into WebResponseBrad Jorsch2016-01-251-22/+6
* Only delete cookies which are actually setGergő Tisza2016-01-221-6/+22
* Ignore auth cookies with value 'deleted'Gergő Tisza2016-01-221-8/+30
* SessionManager: Kill getPersistedSessionId()Brad Jorsch2016-01-222-24/+0
* SessionManager: Add SessionBackend::setProviderMetadata()Brad Jorsch2016-01-221-1/+20
* SessionManager: Notify AuthPlugin when auto-creating accountsBrad Jorsch2016-01-211-0/+10
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-24 01:34:34 +0000