Last modified: 2014-02-03 08:31:09 UTC
Setting $wgCookieExpiration = 0 does not, as documented, make all cookies in-session. Rather, it makes all cookies expire 0 second from the server time. This usually does not cause an issue because MediaWiki will load the user from the session instead, but it causes issues with any extensions that use cookies (specifically Extension:SecureSessions). Will have a patch to fix this in Gerrit soon. Maybe this should be backported?
https://gerrit.wikimedia.org/r/61593
Correct me if I'm wrong, but this sounds like something that never worked, almost a new feature and definitely not a regression: nice to have but doesn't seem "enough" for a backport so stable.
Change 61593 merged by jenkins-bot: Fixed $wgCookieExpiration functionality when set to 0. https://gerrit.wikimedia.org/r/61593
Yeah, this never worked. I updated the docs at https://www.mediawiki.org/wiki/Manual:$wgCookieExpiration accordingly.