On 19 August 2013 21:09, Ryan Lane
<rlane32(a)gmail.com> wrote:
On Mon, Aug 19, 2013 at 6:03 PM, Risker
<risker.wp(a)gmail.com> wrote:
On 19 August 2013 20:35, Chad
<innocentkiller(a)gmail.com> wrote:
On Mon, Aug 19, 2013 at 5:32 PM, Tyler Romeo
<tylerromeo(a)gmail.com>
wrote:
>
> > Quick question: will the patch that was just merged regarding
removing
the
> "Stay on HTTPS" checkbox be deployed by then? Or will that be a
separate
> deployment?
>
>
I'm going to work on getting that merged to all relevant branches
either tonight or tomorrow, so yes, it will be included.
Congrats to everyone for getting this going. Is there a workaround
available for people behind the Great Firewall to log into projects in
languages other than those that are exempted? If so, what is the best
way
> for those individual users to contact Operations or whoever, outside of
> IRC? I'm fairly certain some of those users may not want to have to
> publicize their locations. I see mention of an email address: could
that
be
created before the change please?
Some projects are being left out of the initial rollout. Users that use
those projects as their home wiki will still log-in to HTTP by default
and
will get a central auth cookie that will work for
other projects as well.
Users who are logged in over HTTPS and feel that it is too slow for their
area or device can disable HTTPS redirection in their preferences to
continue using the site in HTTP mode.
- Ryan
Okay, perhaps I wasn't clear. What I am referring to are editors from
China or Iran who regularly log into projects that will be covered with
HTTPS, as we know that HTTPS is (at least sometimes) blocked in those
countries. Remember that you're including Commons, Meta, and all English
projects - and yes, it is the right thing to do. But we do have a
non-negligible number of users (including administrators and stewards) who
will need to have a way to access these projects. Do you have a way to
exempt them?
As I mentioned above. As long as they log-in to their home wiki, they will
get a central auth cookie that will keep them logged-in on every other
project, which includes commons, meta, etc. If they visit other projects as
an anonymous user and try to log in, they'll be redirected to HTTPS, which
will fail.
- Ryan