Bug #7022
openSitewide announcements should be displayed on, and dismissable from, mapped domains
0%
Description
Currently this can't be done because the AJAX request requires authorization, and cookies aren't sent cross-domain. One of the following things should happen:
- Figure out a way to set the CORS headers in such a way that cookies are sent between domains. This should be possible with withCredentials plus some custom Allow-Origin work, but it needs exploration.
- Figure out a way to ensure that mapped-domain authentication always sets the commons.gc.cuny.edu auth cookie, so that the native domain cookies can be used. See #1508.
- Don't use cookie auth for the AJAX request - could just generate a secret key, or try to implement oAuth2 or something like that.
- Have a catcher on the mapped domain (which would use the mapped cookies) and then use PHP to dismiss the notice using switch_to_blog(). This is the easiest, but makes the plugin less appealing for broader use.
Related issues
Updated by Boone Gorges almost 8 years ago
- Related to Feature #1508: Share login cookies across mapped domains added
Updated by Boone Gorges almost 8 years ago
- Related to Feature #3501: System(s) for Sitewide Announcements added
Updated by Boone Gorges over 7 years ago
- Target version changed from 1.11 to 1.12
We haven't really used sitewide announcements yet, which makes this issue less urgent. Let's not take the time for it now.
Updated by Boone Gorges about 7 years ago
- Target version changed from 1.12 to 1.13
Updated by Boone Gorges over 6 years ago
- Target version changed from 1.13 to Future release