On 11/6/14 4:45 PM, Chris Steipp wrote:
> For me, I like knowing that when I login on a random wiki in our
> cluster, a site admin can't have (maliciously or unintentionally) put
> javascript on the login page to sniff my password. I'd prefer Kunal's
> patch had a feature flag so we could disable this on WMF wikis, but
> sites with robust auditing of their common.css can enable it.

I've amended <https://gerrit.wikimedia.org/r/#/c/165979/3> to be
controlled by a config setting.

-- Legoktm

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

Reply via email to