From Wikivoyage
Jump to navigation Jump to search

Cookies are not necessary to read Wikivoyage, but they are needed for logging on and connecting contributions to a user account. Any attempt to edit with cookies disabled will fail with:

Sorry! We could not process your edit due to a loss of session data.
You might have been logged out. Please verify that you're still logged in and try again. If it still does not work, try logging out and logging back in, and check that your browser allows cookies from this site.

Wikivoyage creates a session cookie when a user logs on. This cookie identifies the user, but is discarded after a fixed expiry time or as soon as the user logs out. Using the "Keep me logged in" option when logging in will select a longer expiry time (MediaWiki defaults to 30 days).

Among the cookies being sent to the server (as of 2018) are:

  • WMF-Last-Access and WMF-Last-Access-Global are the time (dd-mmm-yyyy) the uesr last accessed the wiki
  • enwikivoyageUserName is the username on the site; if the user is still logged in there's also a enwikivoyageUserID
  • GeoIP is the user's location, roughly estimated based on IP address: for instance, "CA:ON:Kingston:44.26:-76.47:v4" is a random point in Kingston's Cataraqui River
  • loginnotify_prevlogins is set by mw:Extension:LoginNotify, which notifies you when someone logs into your account.
  • centralnotice_hide_...and the name of one banner message (like CommunityWishList2018) are set by mw:Extension:CentralNotice, which delivers sitebanner announcements to Wikimedia wikis. The cookie will contain text like {"v":1,"created":1542420010,"reason":"close"} to indicate that the user has closed (manually dismissed) one site notice banner, so the wiki doesn't display that one same notice again.
  • VEE is set by mw:Extension:VisualEditor; it contains the word "wikitext" if the user has manually selected the source editor instead of the visual editor.

Additional cookies appear if the user is currently logged in:

  • enwikivoyageUserName and enwikivoyageUserID are the username and corresponding record number in the local userlist; there's also a enwikivoyageSession as an arbitrary number to identify one login session. As mw:Extension:CentralAuth allows logins to be unified across multiple Wikimedia projects, there's also an analogous centralauth_User and centralauth_Session, along with an arbitrary number as a centralauth_Token.
  • if the user is logged on using HTTPS, a cookie indicates forceHTTPS to be "true".

There's also a cookie which appears if an IP address has been autoblocked. Some of these cookies are cleared when the user logs out or handled slightly differently if the "Keep me logged in" option is not selected. Deleting the session cookies and tokens logs the user out, for example. Others persist for some preset amount of time, unless the user manually empties the browser's cookie cache.

Finally, a cookie for the IP address is used for anonymous users, so that Javascript on the client side can check for new messages for the anonymous user. A user who refuses this cookie will just not receive anonymous messages.

The following information is for contributors who live in or are citizens of a country in the European Union:

On July 25, 2003, the new EU Electronic Communication Act was passed. According to this act, the user of a web site must be informed that the site uses cookies. The user must also be given the opportunity to block the use of cookies. A user who does not want to use cookies may block these in his or her browser.