Last modified: 2014-10-06 14:01:50 UTC
Looking at the network traffic from visiting a page on enwiki, I saw that when editing a page (both with VE enabled and without it) a few GET requests get performed to API, like in example: https://en.wikipedia.org/w/api.php?format=json&uselang=en&action=visualeditor&paction=parse&page=Moravian-Silesian_Region these requests go out as XHR requests and my browser does not attach any cookie to the request. Of course, this means that any cookie-based test we might want to perform (like using HHVM) will not work as expected. This would effectively block us from testing hhvm on the API cluster.
I cannot reproduce this. According to Firebug the cookies are being included in XHR requests to the API when I visit enwiki pages, including the request to https://en.wikipedia.org/w/api.php?format=json&uselang=en&action=visualeditor&paction=parse&page=Moravian-Silesian_Region if I enable the VE beta feature and then attempt to edit that page using VE. Further, I'd expect we'd have had many more bug reports if this were a widespread problem, since lacking cookies in the API requests would cause the VE edits to be performed as an IP. My browser is Iceweasel 32.0 (which is Debian's rebranded version of Firefox 32.0). While it shouldn't matter for this particular case, I have "Accept third-party cookies" set to "Always". At any rate, this certainly isn't an API bug since the API has no control over whether the client sends any cookies. I'm going to tentatively reassign it to "JavaScript".
Upon further analysis; this happened because of a bug in a chromium adblocking extension I was using, which blocked cookies in GET requests to api based on a regex I must have added years ago. Disabling the adblocking extension effectively sent the cookies correctly.