phabricator.wikimedia.org

⚓ T306751 Cookie block exception option for hard IP blocks

  • ️Sun Apr 24 2022

Cookie block exception option for hard IP blocks

Open, Needs TriagePublicFeature

When an IP address is blocked with the option to include logged-in users (e.g. hardblocked), the block includes a cookie block.

The most common case where this comes up is when a user is using an open proxy (many of these IP addresses are hardblocked), and then forgets to turn it off. They often realize it after attempting to edit, and once they turn it off, they find that they are still blocked.

The block message will only include an IP range that the user is likely no longer using. This makes troubleshooting on the user's end complicated - and makes helping the user more difficult.

Yes, it is possible to set $wgCookieSetOnAutoblock to prevent cookie blocks wholesale, but they are generally useful for other usecases.

It would be very helpful to have the option to exempt hard IP blocks from triggering cookie blocks at the time that the block is made/modified.

Related tickets:
T207609: Rangeblocks applying to IP's not in the range
T236955: Lift IP cap for edit-a-thon at Bard College Nov. 11, 2019

Event Timeline

Comment Actions

I have assisted some users affected by proxy rangeblocks where they cited a message about a given range, and they would swear their current IP as shown in whatismyip.com was in a different range. I used to think they were somehow wrong, but I guess they could have been affected by this issue. Quantifying the issue would require help from CUs or SREs though...

If I understand cookie blocks properly, they should be excluded from all or most proxy/VPN/webhost blocks.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits