d1039b8f7028add5bb676f882c003152d50d073a
angie
  Thu Jun 9 11:35:45 2016 -0700
Revert "Fixing bug that allowed faked wiki cookie name to override hgLogin name.  refs #17397 note-8, note-9."

This reverts commit 70688a29ce74bb1fafd03ef2dda79ef38ea2891b.

diff --git src/hg/lib/wikiLink.c src/hg/lib/wikiLink.c
index fc7b2b6..d22d2d4 100644
--- src/hg/lib/wikiLink.c
+++ src/hg/lib/wikiLink.c
@@ -469,34 +469,34 @@
 char *wikiHost = cfgOption(CFG_WIKI_HOST);
 if (isEmpty(wikiHost) || sameString(wikiHost, "HTTPHOST"))
     wikiHost = hHttpHost();
 return cloneString(wikiHost);
 }
 
 char *wikiLinkUserName()
 /* Return the user name specified in cookies from the browser, or NULL if 
  * the user doesn't appear to be logged in. */
 {
 if (loginSystemEnabled())
     {
     if (! alreadyAuthenticated)
         errAbort("wikiLinkUserName: loginValidateCookies must be called first.");
     char *userName = getLoginUserName();
-    if (isEmpty(userName) && isNotEmpty(remoteUserName))
-        userName = remoteUserName;
     if (isEmpty(userName) && wikiLinkEnabled())                   // TODO: remove in July 2016
         userName = findCookieData(wikiLinkUserNameCookie());      // TODO: remove in July 2016
+    if (isEmpty(userName) && isNotEmpty(remoteUserName))
+        userName = remoteUserName;
     if (authenticated)
         return cloneString(userName);
     }
 else if (wikiLinkEnabled())
     {
     char *wikiUserName = findCookieData(wikiLinkUserNameCookie());
     char *wikiLoggedIn = findCookieData(wikiLinkLoggedInCookie());
     if (isNotEmpty(wikiLoggedIn) && isNotEmpty(wikiUserName))
         return cloneString(wikiUserName);
     }
 else
     errAbort("wikiLinkUserName called when wiki is not enabled (specified "
         "in hg.conf).");
 return NULL;
 }