I'm happy to announce we've added native HTTPS support to all of the projects. See the blog post for more information:
http://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wi...
If you find any bugs, please report in bugzilla.
- Ryan Lane
On Tue, Oct 4, 2011 at 12:26 AM, Ryan Lane rlane32@gmail.com wrote:
http://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wi...
We're announcing HTTPS support but why isn't this link pointing to https://blog.wikimedia.org/ ?
-Liangent
* Liangent wrote:
On Tue, Oct 4, 2011 at 12:26 AM, Ryan Lane rlane32@gmail.com wrote:
http://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wi...
We're announcing HTTPS support but why isn't this link pointing to https://blog.wikimedia.org/ ?
A good reason would be that loading that resulsts in a certificate error as edge.quantserve.com's certificate is for various akamai hosts only. I do not know why edge.quantserve.com is loaded from; the blog's privacy policy might explain that.
Great news, excellent work! Are there any plans to 'translate' diff links or history links to their secure counterparts? Op 3 okt. 2011 19:27 schreef "Bjoern Hoehrmann" derhoermi@gmx.net het volgende:
- Liangent wrote:
On Tue, Oct 4, 2011 at 12:26 AM, Ryan Lane rlane32@gmail.com wrote:
http://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wi...
We're announcing HTTPS support but why isn't this link pointing to https://blog.wikimedia.org/ ?
A good reason would be that loading that resulsts in a certificate error as edge.quantserve.com's certificate is for various akamai hosts only. I do not know why edge.quantserve.com is loaded from; the blog's privacy policy might explain that. -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de 25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
On Mon, Oct 3, 2011 at 7:36 PM, Martijn Hoekstra martijnhoekstra@gmail.com wrote:
Great news, excellent work! Are there any plans to 'translate' diff links or history links to their secure counterparts?
Which diff/hist links, where, exactly? Most of them should have been taken care of automagically.
Roan
On Mon, Oct 3, 2011 at 10:36 AM, Martijn Hoekstra <martijnhoekstra@gmail.com
wrote:
Great news, excellent work! Are there any plans to 'translate' diff links or history links to their secure counterparts?
Redirects will be put in place when the old proxy is retired: "What will happen to secure.wikimedia.org? Links pointing to secure.wikimedia.org will continue to work. The plan is to make URLs on secure.wikimedia.org redirect to the proper HTTPS URLs. secure.wikimedia.org will no longer act as a proxy for the sites."
So for example this diff link:
< https://secure.wikimedia.org/wikipedia/mediawiki/w/index.php?title=Extension...
will in future automatically redirect you to the new URL:
< https://www.mediawiki.org/w/index.php?title=Extension:TableEdit2&curid=6...
-- brion
We're announcing HTTPS support but why isn't this link pointing to https://blog.wikimedia.org/ ?
I know this is a troll, but I'm going to answer it seriously. We are supporting https, but we aren't doing https only. We don't have plans for only doing https. You are welcome to take the link and change it to https. It'll work.
- Ryan
https://en.m.wikipedia.org not support....
Chinese wikipedia: http://zh.wikipedia.org/ My blog: http://shizhao.org twitter: https://twitter.com/shizhao
[[zh:User:Shizhao]]
2011/10/4 Liangent liangent@gmail.com
On Tue, Oct 4, 2011 at 12:26 AM, Ryan Lane rlane32@gmail.com wrote:
http://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wi...
We're announcing HTTPS support but why isn't this link pointing to https://blog.wikimedia.org/ ?
-Liangent
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
On 10/9/11, shi zhao shizhao@gmail.com wrote:
https://en.m.wikipedia.org not support....
This is a known issue, see https://bugzilla.wikimedia.org/show_bug.cgi?id=31333 .
Roan
On Mon, Oct 3, 2011 at 9:26 AM, Ryan Lane rlane32@gmail.com wrote:
I'm happy to announce we've added native HTTPS support to all of the projects. See the blog post for more information:
Huge props to everyone involved in making this happen. It's been a long time coming, and it's fantastic to see it live. :-)
On 03/10/11 18:26, Ryan Lane wrote:
I'm happy to announce we've added native HTTPS support to all of the projects. See the blog post for more information:
http://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wi...
If you find any bugs, please report in bugzilla.
Congratulations!
Can you possible enable $wgSecureLogin on all wiki? The feature let you login under HTTPS when you are come from HTTP.
Man page: http://www.mediawiki.org/wiki/Manual:$wgSecureLogin
Revisions: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/75585
Thx :-)
On Mon, Oct 3, 2011 at 12:13 PM, Ashar Voultoiz hashar+wmf@free.fr wrote:
Can you possible enable $wgSecureLogin on all wiki? The feature let you login under HTTPS when you are come from HTTP.
Man page: http://www.mediawiki.org/wiki/Manual:$wgSecureLogin
Revisions: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/75585
Hmm, this seems to indicate it will return you to http: after authenticating; this is an unsafe practice which I would recommend strongly against.
If you log in on HTTPS, we want to make sure that no session data (eg login cookies) can leak to HTTP -- where someone on your wireless network could hijack your session, delete a thousand pages on Wikipedia, and get your account locked out.
Note also that there appear to still be issues with native SSL when there are multiple subdomain levels, eg < https://bugzilla.wikimedia.org/show_bug.cgi?id=29896#c4%3E so we're not in a hurry to point everybody at those https: links until some further shakedown and fixes. :)
-- brion
On 3 October 2011 21:18, Brion Vibber brion@pobox.com wrote:
On Mon, Oct 3, 2011 at 12:13 PM, Ashar Voultoiz hashar+wmf@free.fr wrote:
Can you possible enable $wgSecureLogin on all wiki? The feature let you login under HTTPS when you are come from HTTP.
Man page: http://www.mediawiki.org/wiki/Manual:$wgSecureLogin
Revisions: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/75585
Hmm, this seems to indicate it will return you to http: after authenticating; this is an unsafe practice which I would recommend strongly against.
If you log in on HTTPS, we want to make sure that no session data (eg login cookies) can leak to HTTP -- where someone on your wireless network could hijack your session, delete a thousand pages on Wikipedia, and get your account locked out.
The $wgSecureLogin thing was and is a treatment to a symptom of the problem, not its cause. Once the bugs brion mentions are worked through, we should be encouraging all logged-in users to go to, and stay with, SSL. What $wgSecureLogin should do is prompt all visits to Special:UserLogin to be redirected to https, and *not* send them back.
--HM
On 10/03/2011 12:26 PM, Ryan Lane wrote:
I'm happy to announce we've added native HTTPS support to all of the projects. See the blog post for more information:
http://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wi...
If you find any bugs, please report in bugzilla.
- Ryan Lane
I am going to be so superlatively happy when the new HTTPS Everywhere rulesets exist and propagate and I have lithe compact URIs in my address bar to paste into emails. Thanks to everyone who worked on this.
On 10/4/11 7:50 AM, Sumana Harihareswara wrote:
On 10/03/2011 12:26 PM, Ryan Lane wrote:
I'm happy to announce we've added native HTTPS support to all of the projects. See the blog post for more information:
http://blog.wikimedia.org/2011/10/03/native-https-support-enabled-for-all-wi...
If you find any bugs, please report in bugzilla.
- Ryan Lane
I am going to be so superlatively happy when the new HTTPS Everywhere rulesets exist and propagate and I have lithe compact URIs in my address bar to paste into emails. Thanks to everyone who worked on this.
As an early proponent (going back many years), I'd like to express my thanks for this work!
After the delays for even simple wikipedia access that I've reported in a number of longstanding bugs that are being closed, thanks again!
As a user of HTTPS Everywhere ever since it was announced, I look forward to the improved rulesets.
On Sat, Oct 8, 2011 at 11:38 AM, William Allen Simpson william.allen.simpson@gmail.com wrote:
As a user of HTTPS Everywhere ever since it was announced, I look forward to the improved rulesets.
Apparently, my ruleset is already included in the development version of HTTPSEverywhere. That is to say, I got a bug report from someone who installed the development build and hit a bug in my ruleset (missing exception for a .wikimedia.org domain that doesn't support HTTPS). I was kind of surprised the ruleset had been included because I did say it was experimental, but I guess it's fine since it's the development build :) .
I have asked Ryan to provide a list of all .wikimedia.org domains that do not support HTTPS, so I can complete the exclusion list in a systematic way (rather than by trial and error in my own browser). When that's happened, I believe we can declare the ruleset to be stable and ask the HE folks to ship it.
Roan
On Sat, Oct 8, 2011 at 3:58 AM, Roan Kattouw roan.kattouw@gmail.com wrote:
On Sat, Oct 8, 2011 at 11:38 AM, William Allen Simpson william.allen.simpson@gmail.com wrote:
As a user of HTTPS Everywhere ever since it was announced, I look forward to the improved rulesets.
Apparently, my ruleset is already included in the development version of HTTPSEverywhere. That is to say, I got a bug report from someone who installed the development build and hit a bug in my ruleset (missing exception for a .wikimedia.org domain that doesn't support HTTPS). I was kind of surprised the ruleset had been included because I did say it was experimental, but I guess it's fine since it's the development build :) .
I have asked Ryan to provide a list of all .wikimedia.org domains that do not support HTTPS, so I can complete the exclusion list in a systematic way (rather than by trial and error in my own browser). When that's happened, I believe we can declare the ruleset to be stable and ask the HE folks to ship it.
Any update on this?
I just did a fresh install of HTTPS Everywhere and it's still using the https://secure.wikimedia.org/ rules.
-- brion
On Thu, 03 Nov 2011 14:35:47 -0700, Brion Vibber brion@pobox.com wrote:
On Sat, Oct 8, 2011 at 3:58 AM, Roan Kattouw roan.kattouw@gmail.com wrote:
On Sat, Oct 8, 2011 at 11:38 AM, William Allen Simpson william.allen.simpson@gmail.com wrote:
As a user of HTTPS Everywhere ever since it was announced, I look
forward
to the improved rulesets.
Apparently, my ruleset is already included in the development version of HTTPSEverywhere. That is to say, I got a bug report from someone who installed the development build and hit a bug in my ruleset (missing exception for a .wikimedia.org domain that doesn't support HTTPS). I was kind of surprised the ruleset had been included because I did say it was experimental, but I guess it's fine since it's the development build :) .
I have asked Ryan to provide a list of all .wikimedia.org domains that do not support HTTPS, so I can complete the exclusion list in a systematic way (rather than by trial and error in my own browser). When that's happened, I believe we can declare the ruleset to be stable and ask the HE folks to ship it.
Any update on this?
I just did a fresh install of HTTPS Everywhere and it's still using the https://secure.wikimedia.org/ rules.
-- brion
HTTPS Everyehwere's release period is slow... incredibly slow.
It took ages for the mediawiki.org rules that were already ready and in their repo to finally be released.
On Thu, Nov 3, 2011 at 2:41 PM, Daniel Friesen lists@nadir-seen-fire.comwrote:
On Thu, 03 Nov 2011 14:35:47 -0700, Brion Vibber brion@pobox.com wrote:
Any update on this?
I just did a fresh install of HTTPS Everywhere and it's still using the https://secure.wikimedia.org/ rules.
HTTPS Everyehwere's release period is slow... incredibly slow.
It took ages for the mediawiki.org rules that were already ready and in their repo to finally be released.
Fair enough. :D
I can confirm the development version of the ext has the updated https://*. wikipedia.org/ rules (but have the issues with all domains been worked out yet there?)
-- brion
On Thu, Nov 3, 2011 at 10:43 PM, Brion Vibber brion@pobox.com wrote:
I can confirm the development version of the ext has the updated https://*. wikipedia.org/ rules (but have the issues with all domains been worked out yet there?)
Not really. I've been asking for a list of all non-HTTPS-enabled .wm.o domains so I can complete the exemptions list, but it hasn't been produced so far.
Roan
On 03/11/11 22:47, Roan Kattouw wrote:
Not really. I've been asking for a list of all non-HTTPS-enabled .wm.o domains so I can complete the exemptions list, but it hasn't been produced so far.
Maybe it will be 'easier' to convert those domains to HTTPS? :-)
On Fri, Nov 4, 2011 at 12:02 AM, Antoine Musso hashar+wmf@free.fr wrote:
On 03/11/11 22:47, Roan Kattouw wrote:
Not really. I've been asking for a list of all non-HTTPS-enabled .wm.o domains so I can complete the exemptions list, but it hasn't been produced so far.
Maybe it will be 'easier' to convert those domains to HTTPS? :-)
For domains where it should be easy, I've filed RT tickets. Some domains already have HTTPS but are simply serving the cert for another domain that lives on the same box.
Roan
On 11/3/11 5:43 PM, Brion Vibber wrote:
On Thu, Nov 3, 2011 at 2:41 PM, Daniel Friesenlists@nadir-seen-fire.comwrote:
On Thu, 03 Nov 2011 14:35:47 -0700, Brion Vibberbrion@pobox.com wrote:
Any update on this?
I just did a fresh install of HTTPS Everywhere and it's still using the https://secure.wikimedia.org/ rules.
HTTPS Everyehwere's release period is slow... incredibly slow.
It took ages for the mediawiki.org rules that were already ready and in their repo to finally be released.
Fair enough. :D
I can confirm the development version of the ext has the updated https://*. wikipedia.org/ rules (but have the issues with all domains been worked out yet there?)
HTTPS-Everywhere 1.2 is out today, with the new rules. Seems to work well.
On Tue, Nov 15, 2011 at 4:51 AM, William Allen Simpson william.allen.simpson@gmail.com wrote:
HTTPS-Everywhere 1.2 is out today, with the new rules. Seems to work well.
Yay! I'll have to check if this includes the latest version of my rule set, but it's good news regardless.
Roan
wikitech-l@lists.wikimedia.org