On Mon, Aug 19, 2013 at 6:21 PM, Risker risker.wp@gmail.com wrote:
On 19 August 2013 21:09, Ryan Lane rlane32@gmail.com wrote:
On Mon, Aug 19, 2013 at 6:03 PM, Risker risker.wp@gmail.com wrote:
On 19 August 2013 20:35, Chad innocentkiller@gmail.com wrote:
On Mon, Aug 19, 2013 at 5:32 PM, Tyler Romeo tylerromeo@gmail.com
wrote:
Quick question: will the patch that was just merged regarding
removing
the
"Stay on HTTPS" checkbox be deployed by then? Or will that be a
separate
deployment?
I'm going to work on getting that merged to all relevant branches either tonight or tomorrow, so yes, it will be included.
Congrats to everyone for getting this going. Is there a workaround available for people behind the Great Firewall to log into projects in languages other than those that are exempted? If so, what is the best
way
for those individual users to contact Operations or whoever, outside of IRC? I'm fairly certain some of those users may not want to have to publicize their locations. I see mention of an email address: could
that
be created before the change please?
Some projects are being left out of the initial rollout. Users that use those projects as their home wiki will still log-in to HTTP by default
and
will get a central auth cookie that will work for other projects as well.
Users who are logged in over HTTPS and feel that it is too slow for their area or device can disable HTTPS redirection in their preferences to continue using the site in HTTP mode.
- Ryan
Okay, perhaps I wasn't clear. What I am referring to are editors from China or Iran who regularly log into projects that will be covered with HTTPS, as we know that HTTPS is (at least sometimes) blocked in those countries. Remember that you're including Commons, Meta, and all English projects - and yes, it is the right thing to do. But we do have a non-negligible number of users (including administrators and stewards) who will need to have a way to access these projects. Do you have a way to exempt them?
As I mentioned above. As long as they log-in to their home wiki, they will get a central auth cookie that will keep them logged-in on every other project, which includes commons, meta, etc. If they visit other projects as an anonymous user and try to log in, they'll be redirected to HTTPS, which will fail.
- Ryan