Page MenuHomePhabricator

http://citoid.wikimedia.org/ should force HTTPS
Closed, ResolvedPublic1 Story Points

Description

https://citoid.wikimedia.org/ works great, but unfortunately so does http://citoid.wikimedia.org/ when really it should redirect.

Event Timeline

Jdforrester-WMF raised the priority of this task from to Normal.
Jdforrester-WMF updated the task description. (Show Details)
Jdforrester-WMF added subscribers: mobrovac, Mvolz, Aklapper and 2 others.
Restricted Application added a subscriber: Matanya. · View Herald TranscriptAug 10 2015, 9:26 PM
Krenair set Security to None.
Krenair edited projects, added Traffic, Security; removed Security-Team-Reviews.

Hopefully we will be able to turn off parsoidcache soon(TM), which effectively means citoid.wikimedia.org would disappear. Instead, Citoid requests would be served by RESTBase (cf T108646: Set-up Citoid behind RESTBase).

@BBlack is there a (possibly-trivial) way to set the redirection up in parsoidcache? Given that we'd all like to get rid of it and try to work towards that, does it make sense to set it up at all?

@Jdforrester-WMF apart from Citoid's extension, are there any other known users of citoid.wikimedia.org?

@mobrovac: the code used to redirect the main sites can be enabled for parsoidcache with the flick of a virtual switch. We just didn't do it yet because of fears some consumers of the services hosted there (parsoid, citoid, cxserver, graphoid, restbase) not being compatible with the redirects, and there are other bigger fish to fry first :)

If you think we can flip the switch now, I'm all for it.

Hopefully we will be able to turn off parsoidcache soon(TM), which effectively means citoid.wikimedia.org would disappear. Instead, Citoid requests would be served by RESTBase (cf T108646: Set-up Citoid behind RESTBase).

Oh. :-(

@Jdforrester-WMF apart from Citoid's extension, are there any other known users of citoid.wikimedia.org?

Quite a few gadgets and user scripts out there. This has been the public URL for months and we've encouraged developers to use it. Deprecating it is fine, but removing it all of a sudden would not be very cool.

BBlack added a comment.EditedAug 10 2015, 11:36 PM

So long as the mapping is trivial (e.g. https://citoid.wikimedia.org/foo/bar becomes https://en.wikipedia.org/api/v1/citoid/foo/bar), we can easily support the old URL mapping in the text cluster as well, without keeping parsoidcache itself alive.

So long as the mapping is trivial (e.g. https://citoid.wikimedia.org/foo/bar becomes https://en.wikipedia.org/api/v1/citoid/foo/bar), we can easily support the old URL mapping in the text cluster as well, without keeping parsoidcache itself alive.

Sounds good.

If you think we can flip the switch now, I'm all for it.

I gather from this that if we flip the switch we have to do it for all of the services? If so, it'd be prudent not to force it just yet. If we can do it just for Citoid, we'd need to gather more info on the consumers. @Jdforrester-WMF - thoughts? Send an announcement to a magic VE or the wikitech list?

Quite a few gadgets and user scripts out there. This has been the public URL for months and we've encouraged developers to use it. Deprecating it is fine, but removing it all of a sudden would not be very cool.

Yeah, that's why I was asking.

So long as the mapping is trivial (e.g. https://citoid.wikimedia.org/foo/bar becomes https://en.wikipedia.org/api/v1/citoid/foo/bar), we can easily support the old URL mapping in the text cluster as well, without keeping parsoidcache itself alive.

Hm. The change would involve transforming requests like:

curl 'http://citoid.wikimedia.org/api?search=blah&format=mediawiki'

into:

curl https://en.wikipedia.org/api/rest_v1/data/citation/mediawiki/blah

So, we'd need a rewrite that moves data from the query string into the URL. Pretty tricky. But, we might want to allow RESTBase to accept requests like https://en.wikipedia.org/api/rest_v1/data/citation?search=blah&format=mediawiki and then internally redirect it to https://en.wikipedia.org/api/rest_v1/data/citation/mediawiki/blah

Mvolz moved this task from Backlog to Production on the Citoid board.Aug 12 2015, 9:02 AM
Dzahn moved this task from Backlog to Blocked on External on the HTTPS board.Dec 3 2015, 7:19 PM
BBlack closed this task as Resolved.Apr 6 2016, 1:40 PM
BBlack claimed this task.

When we moved various *oid to the text cluster as part of the parsoidcache decom, they got forced to HTTPS-only as a side-effect.

Restricted Application added a project: VisualEditor. · View Herald TranscriptApr 6 2016, 1:40 PM
Restricted Application added a subscriber: Malyacko. · View Herald Transcript
Jdforrester-WMF set the point value for this task to 1.
sbassett moved this task from Backlog to Done on the Security-Team board.Jun 11 2019, 7:17 PM
Restricted Application added a project: User-Ryasmeen. · View Herald TranscriptJun 11 2019, 7:17 PM