Page MenuHomePhabricator

Beta giving Error: 403, Insecure POST Forbidden
Closed, ResolvedPublic

Description

Request: POST http://en.m.wikipedia.beta.wmflabs.org/w/api.php, from redacted via deployment-cache-mobile04 frontend ([10.68.18.110]:80), Varnish XID 1330974701
Forwarded for: redacted
Error: 403, Insecure POST Forbidden - use HTTPS at Thu, 10 Sep 2015 21:56:26 GMT

Presumably caused by T105794: Insecure POST traffic

Event Timeline

Krenair created this task.Sep 10 2015, 10:07 PM
Krenair raised the priority of this task from to Needs Triage.
Krenair updated the task description. (Show Details)
Krenair added a subscriber: Krenair.
Restricted Application added subscribers: Matanya, Aklapper. · View Herald TranscriptSep 10 2015, 10:07 PM

Change 237523 had a related patch set uploaded (by Alex Monk):
Don't try to enforce secure POSTs on beta

https://gerrit.wikimedia.org/r/237523

Dzahn added a subscriber: Dzahn.Sep 10 2015, 11:58 PM

importing gerrit comments:
//
Alex Monk 15:31
Patch Set 1:

I guess we want to do something with hiera here, this is just the hack I put on deployment-puppetmaster so I could continue what I was doing

Dzahn 15:33
Patch Set 1:
can't we stop making the insecure requests instead of introducing another special rule for labs? i assume it's blocked by T50501 though, right?

Alex Monk 15:35
Patch Set 1:

That was my assumption, yes.//

jcrespo triaged this task as Normal priority.Sep 11 2015, 3:56 PM
jcrespo added a subscriber: jcrespo.

Normal as the blocking task- there is no consensus about the right solution.

BBlack added a subscriber: BBlack.

The SSL cert issue is complex, we shouldn't block on this to fix beta here. Something like Alex's local patch is warranted for now, but maybe factored a little differently.

Actually, all the other ways to factor this seem uglier. Merging Alex's instead :)

Change 237523 merged by BBlack:
Don't try to enforce secure POSTs on beta

https://gerrit.wikimedia.org/r/237523

Krenair closed this task as Resolved.Sep 11 2015, 4:50 PM
Krenair claimed this task.
BBlack moved this task from Triage to Done on the Traffic board.Sep 22 2015, 1:57 PM
Restricted Application added a subscriber: Luke081515. · View Herald TranscriptSep 22 2015, 1:57 PM