While adding the monitoring code in T327046, I've noticed several chunks of code that are probably unused. I'd like to use this monitoring to verify that, and then remove it.
Description
Details
Related Objects
Event Timeline
Change 968383 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):
[mediawiki/extensions/CentralAuth@master] Bump some login logging to info level
Change 968383 merged by jenkins-bot:
[mediawiki/extensions/CentralAuth@master] Bump some login debug logging to info level
Change 974195 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):
[mediawiki/extensions/CentralAuth@master] Remove option to display a message after central login success
Change 974198 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):
[mediawiki/extensions/CentralAuth@master] Remove unused 'gu_id' URL parameter
Change 974203 had a related patch set uploaded (by Bartosz Dziewoński; author: Bartosz Dziewoński):
[mediawiki/extensions/CentralAuth@master] Remove support for inconsistent $wgCentralAuthLoginWiki
The latter two have a very small, but non-zero, number of hits in the logs:
- https://logstash.wikimedia.org/goto/006669b0db6d92a5a52f844d784bc54c
- https://logstash.wikimedia.org/goto/228fb5382f5dceba21061602960d4904
A few of them look like someone accidentally copy-pasted the edge login HTML from Wikipedia in 2013 to their personal website. A few others look like they might be automated vulnerability scanning / pentesting. I think the code is still safe to remove (and thus respond to these requests with errors).
Change 974198 merged by jenkins-bot:
[mediawiki/extensions/CentralAuth@master] Remove unused 'gu_id' URL parameter
Change 974203 merged by jenkins-bot:
[mediawiki/extensions/CentralAuth@master] Remove support for inconsistent $wgCentralAuthLoginWiki
Change 974195 merged by jenkins-bot:
[mediawiki/extensions/CentralAuth@master] Remove option to display a message after central login success