Thread:Extension talk:SecureSessions/Incompatible with "$wgCookieExpiration = 0"?/reply (3)

Hey again,

So I discovered the reason the bug you are having is occurring. It's actually not a bug with Extension:SecureSessions but a bug with the MediaWiki core itself. The current documentation says that setting $wgCookieExpiration to 0 will make all cookies be only in-session. However, MediaWiki instead is interpreting it as "have cookies expire 0 seconds from now". Unfortunately, without Extension:SecureSessions, you don't notice this bug because MediaWiki still keeps you logged in with PHP's session functionality.

I have submitted a bug at 47886. In the meantime, the only workaround is to not set $wgCookieExpiration to 0, as it does not do what you're expecting it to do at the moment.

Sorry for the inconvenience,