Page MenuHomePhabricator

Tgr (Gergő Tisza)
Software Engineer, WMF

Projects (42)

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Sep 19 2014, 4:55 PM (496 w, 6 d)
Availability
Available
IRC Nick
tgr
LDAP User
Gergő Tisza
MediaWiki User
Tgr (WMF) [ Global Accounts ]

Things my team is working on: MediaWiki-Platform-Team
Side projects I am working on (or planning to, eventually): User-Tgr
You can find more info about me on my user page.

Recent Activity

Today

Tgr added a comment to T359775: LoadBalancer::resolveDomainId should support virtual domains.

From an end user POV the LB/LBF differentation is pretty much never useful, if you need an LB you'll just do $lbf->getMainLB( $domain ). But the LB/LBF interfaces have all kinds of things that are not present on ICP but sometimes needed. Those could be moved to ICP but there is also benefit in keeping ICP simple and limited to functionality that's often used.

Thu, Mar 28, 5:26 PM · Data-Persistence, MediaWiki-libs-Rdbms

Yesterday

Tgr added a comment to T345245: Mitigate phase-out of third-party cookies across MediaWiki in production.

Google apparently built a DevTools plugin (the Privacy Sandbox Analysis Tool) for detecting issues caused by cookie blocking, so that might be a good way of looking for potential breakage.

Wed, Mar 27, 11:46 PM · Foundational Technology Requests
Tgr added a comment to T359957: Enroll in Chrome third-party cookies deprecation trial.

The more public-facing Google posts are a bit confusing about whether there are usage limits for the trial, but the origin trials developer guide is pretty clear that they don't apply to deprecation trials, so we won't have to worry about that.

Wed, Mar 27, 11:44 PM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team
Tgr updated the task description for T359957: Enroll in Chrome third-party cookies deprecation trial.
Wed, Mar 27, 11:22 PM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team
Tgr created T361153: "Search for pages containing" option does not search on exact match when using keyboard.
Wed, Mar 27, 8:03 PM · Accessibility, Web-Team-Backlog, MediaWiki-User-Interface (autocomplete search)
Tgr added a comment to T41662: Allow -webkit-filter CSS.

(FWIW css-sanititer does handle filter already.)

Wed, Mar 27, 2:06 PM · MediaWiki-Parser
Tgr merged T41662: Allow -webkit-filter CSS into T308160: Uncensor use of "filter" CSS property on wikitext pages.
Wed, Mar 27, 1:53 PM · Parsoid, User-notice-archive, MW-1.42-notes (1.42.0-wmf.19; 2024-02-20), Security, MediaWiki-General, CSS
Tgr removed a project from T41662: Allow -webkit-filter CSS: css-sanitizer.

I'll just untag and close as duplicate to reduce confusion. Please file a dedicated task for TemplateStyles / css-sanitizer if you think this functionality is needed there.

Wed, Mar 27, 1:53 PM · MediaWiki-Parser
Tgr merged task T41662: Allow -webkit-filter CSS into T308160: Uncensor use of "filter" CSS property on wikitext pages.
Wed, Mar 27, 1:52 PM · MediaWiki-Parser
Tgr added a comment to T41662: Allow -webkit-filter CSS.

T308160: Uncensor use of "filter" CSS property on wikitext pages is about the wikitext parser. This issue is tagged as TemplateStyles (now, at least; presumably the task author meant the task to be about the parser, since it predates the existence of TemplateStyes). In TemplateStyles, this isn't resolved.

Wed, Mar 27, 1:51 PM · MediaWiki-Parser
Tgr added a comment to T345566: error.log is not rotated in beta.

Seems properly rotated now:

tgr@deployment-mwlog02:~$ ls -l /srv/mw-log/archive/err*
-rw-r--r-- 1 udp2log udp2log 39300 Mar 12 15:45 /srv/mw-log/archive/error.log-20240313.gz
-rw-r--r-- 1 udp2log udp2log  2528 Mar 13 09:21 /srv/mw-log/archive/error.log-20240314.gz
-rw-r--r-- 1 udp2log udp2log   574 Mar 14 01:20 /srv/mw-log/archive/error.log-20240315.gz
-rw-r--r-- 1 udp2log udp2log  2277 Mar 15 22:45 /srv/mw-log/archive/error.log-20240316.gz
-rw-r--r-- 1 udp2log udp2log  1371 Mar 16 07:23 /srv/mw-log/archive/error.log-20240317.gz
-rw-r--r-- 1 udp2log udp2log  1518 Mar 17 15:32 /srv/mw-log/archive/error.log-20240318.gz
-rw-r--r-- 1 udp2log udp2log  2804 Mar 18 16:19 /srv/mw-log/archive/error.log-20240319.gz
-rw-r--r-- 1 udp2log udp2log  1205 Mar 19 18:56 /srv/mw-log/archive/error.log-20240320.gz
-rw-r--r-- 1 udp2log udp2log  1928 Mar 20 18:32 /srv/mw-log/archive/error.log-20240321.gz
-rw-r--r-- 1 udp2log udp2log  2150 Mar 21 21:53 /srv/mw-log/archive/error.log-20240322.gz
-rw-r--r-- 1 udp2log udp2log  1400 Mar 22 18:21 /srv/mw-log/archive/error.log-20240323.gz
-rw-r--r-- 1 udp2log udp2log  3176 Mar 23 16:15 /srv/mw-log/archive/error.log-20240324.gz
-rw-r--r-- 1 udp2log udp2log   575 Mar 24 01:20 /srv/mw-log/archive/error.log-20240325.gz
-rw-r--r-- 1 udp2log udp2log  1824 Mar 25 16:46 /srv/mw-log/archive/error.log-20240326.gz
-rw-r--r-- 1 udp2log udp2log 52860 Mar 26 21:46 /srv/mw-log/archive/error.log-20240327
Wed, Mar 27, 1:47 PM · Beta-Cluster-Infrastructure
Tgr added a comment to T359957: Enroll in Chrome third-party cookies deprecation trial.

The relevant information from the non-public tasks and admin UI:

  • "Trial Available: Up to Chrome 132 (ends with the rollout of next Chrome release), no later than Dec 28, 2024"
  • "If you’d like to submit additional third-party domains for review for this top level site, please email 3pcd-1p-deprecationtrial@google.com."
  • "For all other questions and issues, please visit our blog post. If further support is needed, please file an issue here"
Wed, Mar 27, 10:13 AM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team
Tgr updated the task description for T359957: Enroll in Chrome third-party cookies deprecation trial.
Wed, Mar 27, 10:10 AM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team

Tue, Mar 26

Tgr added a comment to T325229: add option to set cookies hostOnly property.

Host-only is not a flag, it's a cookie name prefix (MDN docs). It's not strictly impossible to control it via a $wg* flag that is separate from $wgCookiePrefix, but it could get confusing.

Tue, Mar 26, 11:34 PM · MediaWiki-General, Security
Dreamy_Jazz awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 26, 9:41 PM · MediaWiki-Gerrit-Group-Requests
Volker_E awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 26, 6:09 PM · MediaWiki-Gerrit-Group-Requests
Winston_Sung awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Love token.
Tue, Mar 26, 2:40 AM · MediaWiki-Gerrit-Group-Requests

Mon, Mar 25

Tgr added a comment to T360558: REST API tests in OAuth failing.

Caused by rMW1986f2bfb089: REST: Accept POST with empty body and no content-type.

Mon, Mar 25, 11:01 PM · MediaWiki-Engineering, MediaWiki-REST-API, ci-test-error, MediaWiki-extensions-OAuth
Tgr closed T360262: Error: Call to a member function getUserId() on bool as Invalid.

Happened one time in the last 90 days, probably a race condition. The offending code is

$oauthRequest = MWOAuthRequest::fromRequest( $request );
// verify_request throws an exception if anything isn't verified
[ $consumer, $token ] = $server->verify_request( $oauthRequest );
(...)
$access = ConsumerAcceptance::newFromToken( $dbr, $token->key );
$localUser = Utils::getLocalUserFromCentralId( $access->getUserId() );

which should never pass the first half if the consumer acceptance doesn't exist, because OAuthServer::verify_request() checks for it, but maybe the user revoked access from that OAuth app in the exact same moment or whatever. It should be fine to ignore, given how unlikely it is.

Mon, Mar 25, 10:54 PM · MediaWiki-extensions-OAuth, MediaWiki-Platform-Team, Wikimedia-production-error
Tgr added a comment to T359775: LoadBalancer::resolveDomainId should support virtual domains.

We encountered it while trying to use a virtual domain in a maintenance script (via Maintenance::getDB()). But there are plenty of other instances of code doing $services->getDBLoadBalancerFactory()->getMainLB( $domain )->doSomethingWith( $domain ) and usually that something involves resolveDomain (see the examples in the task description).

Mon, Mar 25, 10:46 PM · Data-Persistence, MediaWiki-libs-Rdbms
Tgr closed T360564: Improve the apihelp-setglobalaccountstatus-param-statecheck message: Remove angle brackets and clarify usage as Resolved.
Mon, Mar 25, 10:29 PM · MW-1.42-notes (1.42.0-wmf.24; 2024-03-26), MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth, Language-Team (Language-2024-January-March), Language-Technical Support (Language-Technical Support (Current) ), I18n, affects-translatewiki.net
Tgr closed T360564: Improve the apihelp-setglobalaccountstatus-param-statecheck message: Remove angle brackets and clarify usage, a subtask of T358384: Reduce the need to manually review markup in translatewiki exports, as Resolved.
Mon, Mar 25, 10:28 PM · MW-1.42-notes (1.42.0-wmf.24; 2024-03-26), Epic, Language-Team (Language-2024-January-March), Language-Technical Support (Language-Technical Support (Current) ), I18n, affects-translatewiki.net
Tgr added a comment to T360596: Figure out a plan to move forward with regarding Redis License changes.

In MediaWiki (as deployed at WMF), there exists 1 use of Redis, which is during file uploads via LockManager.

Mon, Mar 25, 8:33 PM · MediaWiki-Platform-Team (Radar), collaboration-services, Release-Engineering-Team (Radar), Quarry, Toolforge, Software-Licensing, Infrastructure-Foundations, netbox, Platform Team Initiatives (API Gateway), GitLab, ChangeProp, MediaWiki-File-management, SRE

Fri, Mar 22

Dringsim awarded T187749: Make it possible to use code from an external repository for editor-controlled Javascript/CSS a Love token.
Fri, Mar 22, 3:33 PM · Patch-Needs-Improvement, Security, Security-Team, Wikimedia-Hackathon-2019, Wikimedia-Hackathon-2018, MediaWiki-extension-requests, User-Tgr, JavaScript, MediaWiki-extensions-Gadgets

Thu, Mar 21

Tgr created T360719: Add explicit "invalid" user token state for CentralAuthUser.
Thu, Mar 21, 9:21 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a subtask for T345245: Mitigate phase-out of third-party cookies across MediaWiki in production: T360670: Mitigate phase-out of third-party cookies in OAuth.
Thu, Mar 21, 5:21 PM · Foundational Technology Requests
Tgr added a parent task for T360670: Mitigate phase-out of third-party cookies in OAuth: T345245: Mitigate phase-out of third-party cookies across MediaWiki in production.
Thu, Mar 21, 5:21 PM · MediaWiki-extensions-OAuth, MediaWiki-Platform-Team
Tgr created T360670: Mitigate phase-out of third-party cookies in OAuth.
Thu, Mar 21, 5:20 PM · MediaWiki-extensions-OAuth, MediaWiki-Platform-Team
jsn.sherman awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Thu, Mar 21, 3:12 PM · MediaWiki-Gerrit-Group-Requests

Wed, Mar 20

Zabe awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Wed, Mar 20, 6:32 PM · MediaWiki-Gerrit-Group-Requests
Tgr added a project to T360533: Lift IP cap on 2024-04-06 for Editathon for eswiki and commonswiki: Wikimedia-Site-requests.
Wed, Mar 20, 3:06 PM · User-Kizule, Patch-For-Review, Wikimedia-Site-requests, Spanish-Sites

Tue, Mar 19

MusikAnimal awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 9:59 PM · MediaWiki-Gerrit-Group-Requests
TheDJ awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 9:35 PM · MediaWiki-Gerrit-Group-Requests
Ammarpad awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 8:30 PM · MediaWiki-Gerrit-Group-Requests
DannyS712 awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 6:37 PM · MediaWiki-Gerrit-Group-Requests
Soda awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 5:08 PM · MediaWiki-Gerrit-Group-Requests
Novem_Linguae awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 4:53 PM · MediaWiki-Gerrit-Group-Requests
Jdforrester-WMF awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 4:42 PM · MediaWiki-Gerrit-Group-Requests
Bawolff awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 4:34 PM · MediaWiki-Gerrit-Group-Requests
WMDE-leszek awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 4:29 PM · MediaWiki-Gerrit-Group-Requests
sbassett awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 4:16 PM · MediaWiki-Gerrit-Group-Requests
Aklapper awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 3:36 PM · MediaWiki-Gerrit-Group-Requests
taavi awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 3:26 PM · MediaWiki-Gerrit-Group-Requests
Ladsgroup awarded T360442: +2 in mediawiki/ for Siddharth (SD0001) a Like token.
Tue, Mar 19, 3:26 PM · MediaWiki-Gerrit-Group-Requests
Tgr created T360442: +2 in mediawiki/ for Siddharth (SD0001) .
Tue, Mar 19, 3:17 PM · MediaWiki-Gerrit-Group-Requests

Fri, Mar 15

Tgr added a comment to T358236: Cannot create a new wiki on beta cluster.

@Tgr In ExternalStoreDB::initializeTable() we were passing QUERY_IGNORE_DBO_TRX only, which anyway was incorrect - the schema initialization code should pass QUERY_CHANGE_SCHEMA which is also a flag that isWriteQuery() would consider.

Fri, Mar 15, 4:33 PM · Patch-For-Review, MW-1.42-notes (1.42.0-wmf.24; 2024-03-26), MediaWiki-Platform-Team, Beta-Cluster-Infrastructure
Tgr added a comment to T358236: Cannot create a new wiki on beta cluster.

Database::query() uses QueryBuilderFromRawSql::buildQuery() to convert raw SQL strings to query objects, and that method will always add either QUERY_CHANGE_NONE or QUERY_CHANGE_ROWS. But that stack trace doesn't match that happening - Database::query() already receives a Query object, somehow. Manually overriding the flags might paper over the problem, which might not be the best approach here. What if the Query object is corrupted in other ways as well?

Fri, Mar 15, 2:48 PM · Patch-For-Review, MW-1.42-notes (1.42.0-wmf.24; 2024-03-26), MediaWiki-Platform-Team, Beta-Cluster-Infrastructure

Thu, Mar 14

Tgr added a comment to T358236: Cannot create a new wiki on beta cluster.

The logic of handling an SQL string in Database::query() looks solid to me, but...

#2 /srv/mediawiki-staging/php-master/includes/libs/rdbms/database/DBConnRef.php(119): Wikimedia\Rdbms\Database->query(Object(Wikimedia\Rdbms\Query), 'ExternalStoreDB...', 8)
#3 /srv/mediawiki-staging/php-master/includes/libs/rdbms/database/DBConnRef.php(302): Wikimedia\Rdbms\DBConnRef->__call('query', Array)
#4 /srv/mediawiki-staging/php-master/includes/externalstore/ExternalStoreDB.php(266): Wikimedia\Rdbms\DBConnRef->query('-- Blobs table ...', 'ExternalStoreDB...', 8)

...it looks like a query string is transformed into a Query object in the process of a simple call proxying, and Database::query() is already receiving an object (presumably with invalid flags)? No idea what's going on there.

Thu, Mar 14, 5:58 PM · Patch-For-Review, MW-1.42-notes (1.42.0-wmf.24; 2024-03-26), MediaWiki-Platform-Team, Beta-Cluster-Infrastructure
Tgr added a comment to T345249: Mitigate phase-out of third-party cookies in CentralAuth.

I'll file a task about that.

Thu, Mar 14, 3:55 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T360104: Test cross-domain cookie access with OAuth-style popup + redirect workflow.
Thu, Mar 14, 3:53 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359926: Test cross-domain cookie access with Related Website Sets.
Thu, Mar 14, 3:49 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359948: Test cross-domain cookie access with Storage Access API.
Thu, Mar 14, 3:49 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359948: Test cross-domain cookie access with Storage Access API.
Thu, Mar 14, 2:28 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359926: Test cross-domain cookie access with Related Website Sets.
Thu, Mar 14, 1:54 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359948: Test cross-domain cookie access with Storage Access API.
Thu, Mar 14, 12:29 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T360104: Test cross-domain cookie access with OAuth-style popup + redirect workflow.
Thu, Mar 14, 12:28 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359948: Test cross-domain cookie access with Storage Access API.
Thu, Mar 14, 12:23 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359948: Test cross-domain cookie access with Storage Access API.
Thu, Mar 14, 12:23 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr created T360104: Test cross-domain cookie access with OAuth-style popup + redirect workflow.
Thu, Mar 14, 12:19 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359948: Test cross-domain cookie access with Storage Access API.
Thu, Mar 14, 12:17 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359926: Test cross-domain cookie access with Related Website Sets.
Thu, Mar 14, 11:01 AM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359948: Test cross-domain cookie access with Storage Access API.
Thu, Mar 14, 11:00 AM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth

Wed, Mar 13

Tgr added a comment to T345249: Mitigate phase-out of third-party cookies in CentralAuth.

I don't think a test site would have much point.

Wed, Mar 13, 11:36 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a comment to T345249: Mitigate phase-out of third-party cookies in CentralAuth.

Have any of Google, Apple or Mozilla announced an intent to deprecate or break OAuth-like redirects?

Wed, Mar 13, 11:33 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359957: Enroll in Chrome third-party cookies deprecation trial.
Wed, Mar 13, 10:22 PM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team
Tgr added a comment to T359957: Enroll in Chrome third-party cookies deprecation trial.

Usually origin trials are disabled for a given site after reaching 0.5% of all Chrome pageloads; it seems unlikely but not completely inconceivable that Wikipedia would reach this threshold. But, if I understand the documentation correctly, this restriction doesn't apply for deprecation trials, only trials of new features, so we don't need to worry about it.

Wed, Mar 13, 7:37 PM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team
Tgr added a comment to T359957: Enroll in Chrome third-party cookies deprecation trial.

There are two third-party cookie blocking deprecation trials:

  • A first party trial where we could register a top-level domain such as wikipedia.org and third-party cookie access is allowed as long as the top-level document's domain is a subdomain of that. Enabling the trial happens via an Origin-Trial HTTP header or a corresponding meta tag on the embedding page.
  • A third-party trial where we can register a third-party domain and then it can be used anywhere. The documentation is a bit confusing on this point but AIUI you we can either use a header or meta tag on the embedded page, or use JS to add a meta tag to the embedding page. (The generic origin trial docs include this somewhat confusing warning: "Caution: A third-party token must be provided in an external JavaScript file included via a <script> element: a third-party token won't work in a meta tag, inline script or HTTP header.") Whether the trial will be declared on embedding or embedded pages needs to be declared up ahead; if we want both, we need to register twice.
Wed, Mar 13, 7:33 PM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team

Tue, Mar 12

Tgr added a comment to T359957: Enroll in Chrome third-party cookies deprecation trial.

Enrolling requires filing a bug about the website being affected, so here it is: https://issuetracker.google.com/issues/329250103

Tue, Mar 12, 9:02 PM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team
Tgr added a comment to T345249: Mitigate phase-out of third-party cookies in CentralAuth.

Next step is to test the relevant browser APIs:

spec investigationtestbrowserfunctionality
RWST345589T359926Chromecookie access, probably on par with current
FedCMT335851T359947Chrome, Edge, Opera (maybe Firefox soon?)browser-mediated identity checks
Storage AccessT359948all moderncookie access after user interaction
Tue, Mar 12, 5:20 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a comment to T359948: Test cross-domain cookie access with Storage Access API.

Back when I looked at requestStorageAccessFor, it was still in development. Now caniuse says it's available, but only works between sites of the same RWS set. So it might not be relevant for this task at all.

Tue, Mar 12, 5:10 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr placed T181869: Error "Session {session}: Metadata has an anonymous user, but a non-anon user was provided" up for grabs.

Improved the inline docs a little. (Note that the message changed, it is now Session "{session}": the session store entry is for an anonymous user, but the session metadata indicates a non-anonynmous user.) I have two hypotheses of what could be happening:

  • When the user logs out, the login cookies do not get unset for some reason, so the user is left with an anonymous session (is this actually true? do we set the backend session to anonymous on logout, rather than deleting it?) but logged-in cookies. I don't think this explains what's going on, given how frequent the logs are, and failing to unset cookies isn't something that should happen often.
  • When the user logs out on CentralAuth, cookies on domains other than the current one are left in place (T143001: Wiki sites should delete all their cookies during logout). I don't think this would result in this message (those domains would have no session or an invalid logged-in session, not an anonymous session) but maybe I misremember the details of how CentralAuth session invalidation on login works.
Tue, Mar 12, 4:58 PM · MW-1.42-notes (1.42.0-wmf.20; 2024-02-27), MediaWiki-Platform-Team, Documentation, MediaWiki-Core-AuthManager, MediaWiki-extensions-CentralAuth
Tgr placed T204787: Session Warning: "User ID mismatch, {uid_a} !== {uid_b}" up for grabs.
Tue, Mar 12, 4:46 PM · MediaWiki-Platform-Team, MediaWiki-Core-AuthManager
Tgr claimed T359926: Test cross-domain cookie access with Related Website Sets.
Tue, Mar 12, 4:46 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr moved T359947: Test cross-domain authentication with Federated Credentials Management API from Inbox, needs triage to Current Sprint on the MediaWiki-Platform-Team board.
Tue, Mar 12, 4:45 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr moved T359948: Test cross-domain cookie access with Storage Access API from Inbox, needs triage to Current Sprint on the MediaWiki-Platform-Team board.
Tue, Mar 12, 4:45 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr triaged T359957: Enroll in Chrome third-party cookies deprecation trial as High priority.
Tue, Mar 12, 4:44 PM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team
Tgr created T359957: Enroll in Chrome third-party cookies deprecation trial.
Tue, Mar 12, 4:43 PM · Patch-For-Review, WMF-General-or-Unknown, MediaWiki-extensions-CentralAuth, MediaWiki-Platform-Team
Tgr updated the task description for T359948: Test cross-domain cookie access with Storage Access API.
Tue, Mar 12, 3:15 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a subtask for T345249: Mitigate phase-out of third-party cookies in CentralAuth: T359948: Test cross-domain cookie access with Storage Access API.
Tue, Mar 12, 3:03 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a parent task for T359948: Test cross-domain cookie access with Storage Access API: T345249: Mitigate phase-out of third-party cookies in CentralAuth.
Tue, Mar 12, 3:03 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a comment to T359948: Test cross-domain cookie access with Storage Access API.

Relevant (but outdated) description from the parent task:

Use the requestStorageAccess() or requestStorageAccessFor() API, which allow access to third-party cookies. (requestStorageAccess is better supported, but needs to be called by the embedded resource, so it's only usable for iframes; requestStorageAccessFor is called by the embedder.) These would probably be part of using first-party sets, but can be used without those as well; however, then they would require explicit user opt-in (and separately for each domain), making them less practical. Also, they can only be called after user interaction.
support: requestStorageAccess (caniuse) is supported in Firefox and Safari, supported but requires first-party sets in Edge, behind a feature flag in Chrome. requestStorageAccessFor is Chrome-only (chromestatus).

Tue, Mar 12, 3:03 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr created T359948: Test cross-domain cookie access with Storage Access API.
Tue, Mar 12, 3:02 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a subtask for T345249: Mitigate phase-out of third-party cookies in CentralAuth: T359947: Test cross-domain authentication with Federated Credentials Management API.
Tue, Mar 12, 2:56 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a subtask for T335851: Investigate the Federated Credential Management browser API: T359947: Test cross-domain authentication with Federated Credentials Management API.
Tue, Mar 12, 2:56 PM · MediaWiki-Platform-Team, affects-Miraheze, User-Tgr, MediaWiki-extensions-CentralAuth, MediaWiki-Core-AuthManager
Tgr added parent tasks for T359947: Test cross-domain authentication with Federated Credentials Management API: T335851: Investigate the Federated Credential Management browser API, T345249: Mitigate phase-out of third-party cookies in CentralAuth.
Tue, Mar 12, 2:56 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr created T359947: Test cross-domain authentication with Federated Credentials Management API.
Tue, Mar 12, 2:56 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359926: Test cross-domain cookie access with Related Website Sets.
Tue, Mar 12, 2:50 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr updated the task description for T359926: Test cross-domain cookie access with Related Website Sets.
Tue, Mar 12, 2:48 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a comment to T332022: [Epic] Undeploying StructuredDiscussions (Flow).

Undeployment is hard because you need to convert the existing content but switching Flow to readonly on a given wiki should be trivial, if there is community support for it (except someone would have to move all the Flow pages afterwards to make place for wikitext comments).

Tue, Mar 12, 2:41 PM · Epic, StructuredDiscussions, DiscussionTools, Editing-team, Growth-Team
Tgr renamed T359926: Test cross-domain cookie access with Related Website Sets from Test cross-domain authentication with Related Website Sets to Test cross-domain cookie access with Related Website Sets.
Tue, Mar 12, 12:33 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a subtask for T345249: Mitigate phase-out of third-party cookies in CentralAuth: T359926: Test cross-domain cookie access with Related Website Sets.
Tue, Mar 12, 12:06 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr added a subtask for T345589: Investigate the First-Party Sets browser API: T359926: Test cross-domain cookie access with Related Website Sets.
Tue, Mar 12, 12:06 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth, MediaWiki-Core-AuthManager
Tgr added parent tasks for T359926: Test cross-domain cookie access with Related Website Sets: T345249: Mitigate phase-out of third-party cookies in CentralAuth, T345589: Investigate the First-Party Sets browser API.
Tue, Mar 12, 12:06 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth
Tgr created T359926: Test cross-domain cookie access with Related Website Sets.
Tue, Mar 12, 12:05 PM · MediaWiki-Platform-Team, MediaWiki-extensions-CentralAuth

Mon, Mar 11

Tgr added a comment to T161859: Make Wikitech an SUL wiki.

In my mind it just needs an account migration pretty much exactly like SUL unification did back in the day. The ~labswiki suffix for un-migrated local only accounts should go a long way towards keeping CentralAuth happy I think? Has the stack changed such that that solution is no longer possible?

Mon, Mar 11, 9:02 PM · cloud-services-team, Epic, wikitech.wikimedia.org
Tgr added a comment to T334623: How do we log unsuccessful first edits for temporary users?.

I like your idea of splitting the constraints into user-independent and user-dependent.

Mon, Mar 11, 12:38 PM · Patch-For-Review, Trust and Safety Product Sprint (Sprint Gangan (11th - 22nd March)), Data-Persistence, AbuseFilter, Temporary accounts
Tgr added a comment to T359775: LoadBalancer::resolveDomainId should support virtual domains.

For the record, the exact stack trace is

Wikimedia\Rdbms\DBConnectionError from line 1123 of /vagrant/mediawiki/includes/libs/rdbms/loadbalancer/LoadBalancer.php: Cannot access the database: Unknown database 'virtual' (127.0.0.1)
#0 /vagrant/mediawiki/includes/libs/rdbms/loadbalancer/LoadBalancer.php(779): Wikimedia\Rdbms\LoadBalancer->reportConnectionError()
#1 /vagrant/mediawiki/includes/libs/rdbms/loadbalancer/LoadBalancer.php(767): Wikimedia\Rdbms\LoadBalancer->getServerConnection()
#2 /vagrant/mediawiki/includes/libs/rdbms/database/DBConnRef.php(103): Wikimedia\Rdbms\LoadBalancer->getConnectionInternal()
#3 /vagrant/mediawiki/includes/libs/rdbms/database/DBConnRef.php(117): Wikimedia\Rdbms\DBConnRef->ensureConnection()
#4 /vagrant/mediawiki/includes/libs/rdbms/database/DBConnRef.php(351): Wikimedia\Rdbms\DBConnRef->__call()
#5 /vagrant/mediawiki/includes/utils/BatchRowIterator.php(248): Wikimedia\Rdbms\DBConnRef->select()
#6 /vagrant/mediawiki/includes/utils/BatchRowIterator.php(206): BatchRowIterator->next()
#7 /vagrant/mediawiki/extensions/AntiSpoof/maintenance/BatchAntiSpoofClass.php(94): BatchRowIterator->rewind()
#8 /vagrant/mediawiki/maintenance/includes/MaintenanceRunner.php(698): BatchAntiSpoof->execute()
#9 /vagrant/mediawiki/maintenance/run.php(51): MediaWiki\Maintenance\MaintenanceRunner->run()
#10 /var/www/w/MWScript.php(99): require_once('/vagrant/mediaw...')
#11 {main}
Mon, Mar 11, 12:24 PM · Data-Persistence, MediaWiki-libs-Rdbms

Sun, Mar 10

Tgr updated the task description for T359775: LoadBalancer::resolveDomainId should support virtual domains.
Sun, Mar 10, 9:27 PM · Data-Persistence, MediaWiki-libs-Rdbms
Tgr created T359775: LoadBalancer::resolveDomainId should support virtual domains.
Sun, Mar 10, 9:27 PM · Data-Persistence, MediaWiki-libs-Rdbms
Tgr added a comment to T359750: Provide visitor stats that can be imported into caniuse.com.

Just filter to logged-in pageviews. I think we already do that somewhere, there just isn't any public export of the data.

Sun, Mar 10, 6:16 PM · Data Products, Data-Engineering, Data-Engineering-Dashiki