On Wed, Nov 14, 2012 at 01:48:27PM -0500, Derric Atzrott wrote: HTTPS Everywhere is currently set up to redirect using the native HTTPS support (http://en.wp -> https://en.wp); it used to support redirects to secure.wikimedia.org, but Roan Kattouw and Sam Reed updated it quite a while ago. secure.wm.org never supported HTTP and secure.wm.org HTTPS gets redirected by our redirects without any privacy loss, so there's nothing to add to HTTPS Everywhere that I can see. Thanks for the offer though. Regards, Faidon PS. Fun fact: HTTPS Everywhere's git master already has rules for Wikidata & Wikivoyage, thanks to the always awesome Reedy.

On 11/14/12 5:56 PM, MZMcBride wrote: Cool. Tested and works fine with HTTPS Everywhere. And thanks for all the helpful https work in the past few years!

On 16/11/12 22:04, Brion Vibber wrote: We have self-signed certificates, too... (bug 27291).

Le 16/11/12 22:04, Brion Vibber a écrit : <snip> I guess it is all about enabling $wgSecureLogin [1] which would force the login form to use HTTPS for its POST. I speedy hacked it two years ago and Chris Steipp has fixed it a few weeks ago. Maybe we could enable it on test first and see how it goes? [1] http://www.mediawiki.org/wiki/Manual:$wgSecureLogin -- Antoine "hashar" Musso

There is one more bug I'd like to fix before turning wgSecurelogin on.. I'm going to get it into wmf5, and then we can turn it on. On Nov 17, 2012 10:03 AM, "Antoine Musso" &lt;hashar+wmf(a)free.fr&gt; wrote: