Last modified: 2013-07-25 07:05:58 UTC
Specifically for 'private' => array( 'Main Page', 'Special:Userlogin', 'Special:Userlogout', '-', 'MediaWiki:Monobook.css', 'MediaWiki:Monobook.js' ), I don't think that those two pages need to be seen by users without an account because Vector is the default skin now. I believe we use MediaWiki:Common.js throughout wikis now instead of skin specific common files, but I'm not sure we need to allow people without accounts to see those either.
I believe these entries were needed in the age when site CSS and JS were loaded with index.php?action=raw&ctype= so people can load them before logging in. With the introduction of ResourceLoader I don't think this and similar items are still needed.
I would like confirmation from a ResourceLoader/JS guy. [ Adding Matma Rex as CC ]
I think Thehelpfulone and Liangent are right, but since I'm no ResourceLoader guy, I'm CC-ing Krinkle instead.
Krinkle: Could you answer comment 2, please?
Why is '-' included (just curious)?
(In reply to comment #5) > Why is '-' included (just curious)? In the past, &title=- was used in JS loading and I believe this was the reason to include '-' in wgWhitelistRead.
MediaWiki:Monobook.css and MediaWiki:Monobook.js are redundant indeed. Note that you should still not put private information in there[1] as ResourceLoader's entry point essentially bypasses the whitelist indirectly through it's package for the 'site' module. [1] there being both Common.js, Common.css as well as any skin .css/.js page.
Change 73603 had a related patch set uploaded by TTO: (bug 48381) remove obsolete js/css entries from $wgWhitelistRead https://gerrit.wikimedia.org/r/73603
Change 73603 merged by jenkins-bot: (bug 48381) remove obsolete js/css entries from $wgWhitelistRead https://gerrit.wikimedia.org/r/73603