On Wed, Nov 14, 2012 at 8:25 AM, Faidon Liambotis faidon@wikimedia.orgwrote:
Following last year's Native HTTPS efforts¹, I've pushed a change² today that redirects all the old secure.wikimedia.org URLs to the respective native HTTPS ones, e.g. https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page gets redirected to https://en.wikipedia.org/wiki/Main_Page
Awesome! Another old hack swept away. :D
Do we have a timetable for migrating all login sessions to HTTPS yet? I love that we've got a clean HTTPS option available, but it really skeezes me out that we still allow logins and passwords over plain HTTP.
-- brion