Ensure that "post-review" does not try to access the login page before checking whether webauth is enabled. There is a ugly hack in the patch. Instead to trying to access a review, "post-review" should access a specific page. I still have to figure out how to create a new webapi page on the server.

This was tested on the company server that is webauth enabled.