getpersonas.com and www.getpersonas.com don't share the PERSONA_USER cookie they set to specify that a user is signed in, which means that a user can be signed in at one of those domains while not being signed in at the other. That seems like a wonky user experience, and it can make it more cumbersome to implement certain features in the extension (like bug 505846). One fix would be to set a domain cookie (.getpersonas.com) instead of a host cookie (getpersonas.com or www.getpersonas.com). That'll require a change to the way bug 505846 is implemented, although it shouldn't be hard. The simplest fix would be to redirect getpersonas.com to www.getpersonas.com. Then the client code can assume that users are always on www.getpersonas.com when they authenticate and access the cookie only from that host.
I vote for redirection.
Agree. Assigning to Zandr for when he gets back.
OK, this is fixed with a TrafficScript that 301s to www.getpersonas.com
Verified, FIXED. getpersonas.com get redirected to www.getpersonas.com Verified on Mac/Win/Linux