On Sun, Mar 30, 2003 at 06:35:50PM -0800, Brion Vibber wrote:
On Sun, 2003-03-30 at 17:02, Nick Reinking wrote:
You can only have one virtual host per IP/port with ssl. Sorry, SSL limitation, can't be helped. All you have to do (provided all of the wikis are on the same machine) is redirect everybody to www.wikipedia.org for the login, and then back to their original language for everything else. So, it can be done, but it is annoying.
Hmm, that reminds me.
Way back when, I suggested* using paths instead of hostnames for the languages:
http://wikipedia.org/en/Jimmy_Carter http://wikipedia.org/eo/Jimmy_CARTER http://wikipedia.org/ko/%ec%a7%80%eb%af%b8_%ec%b9%b4%ed%84%b0
Aside from being (IMHO) more aesthetically pleasing than the current system, this would neatly solve the https problem by only using one hostname for all languages. (Old names would always be allowed on http for backwards compatibility, but not on https since we can't support that, and have no backwards compatibility URls to worry about anyway.)
Not to mention squishing the wait for register.com's shitty DNS servers. Getting old links to work would still be quite easy with an Apache redirect rule.
If this were to be done without first setting up the single sign-in system, we'd have to limit the cookie paths to the language-specific subdirectories. (Caveat: what to do about directly calling the script for diffs, edit, etc etc. This stuff needs access to the session cookie, but we want it all in a distinct place so they can be cordoned off in robots.txt, for which appending a query string after the title is insufficient.) It may also be possible to rename the cookies. Sigh... I still think the cookie/login system needs to be seriously reworked to avoid setting any cookies until actual login time to avoid scaring the paranoid.
Technically, they aren't really paranoid, since we are out to get them. They just have an over-abundence of common sense. :P I can't say much about the other parts; cookie setups vary widely. Any docs on how that all works?