
Remove non-SSL fallback code from app
Closed, Resolved (Public)

Description

Since our entire cluster is https only anyway, the fallback doesn't do anything useful and could potentially be used to launch attacks against users (by tricking them into using an http version that's controlled by an attacker).

Event Timeline

yuvipanda raised the priority of this task from to Needs Triage.
yuvipanda updated the task description. (Show Details)
yuvipanda subscribed.

Change 264559 had a related patch set uploaded (by Yuvipanda):
Remove code that falls back to HTTP

https://gerrit.wikimedia.org/r/264559

Change 264559 merged by jenkins-bot:
Remove code that falls back to HTTP

https://gerrit.wikimedia.org/r/264559

This may have been merged a bit prematurely. The fallback in our code was *not* from https to http, but instead from mdot to desktop. The latter may still be useful under some circumstances. The hackiness of the code obscures this fact almost completely, so it's natural that it was overlooked. I'll check the eventlogging db for the volume of these fallbacks, and see if we need to revert. (cc @Niedzielski)

There were two things that were removed:

  1. EventLogging fallback from HTTPS to HTTP
  2. Everything else fallback from m. to desktop

The latter was put in place because at some points the Great Chinese Firewall would block the mobile IP but not the desktop one for https, or vice versa (and was inconsistent). That point is moot now since we're https-only, and in a week or two m. and normal desktop site will be part of the same varnish cluster as well.

See T109286 for info on the merge of the two varnish clusters.
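The distinction drawn in the comments above, between a fallback that downgrades the scheme (HTTPS to HTTP) and one that only switches host (m. to desktop) while staying on HTTPS, is easy to lose in hacky retry code. The following is an added example written for this page, not code from the Wikipedia app or the patch in 264559. It simulates an on-path attacker who blocks TLS to the mobile host and answers its plaintext port, and shows that the scheme-downgrade retry hands the attacker's page to the user while the same-scheme host fallback reaches the legitimate desktop origin or fails closed. The hostnames, page bodies and the `simulated_fetch` network stand-in are all constructed for the example.

```python
"""Scheme downgrade vs. same-scheme host fallback (constructed example)."""
from urllib.parse import urlsplit, urlunsplit


class FetchError(Exception):
    """Raised when an origin cannot be reached in the simulated network."""


def simulated_fetch(network, url):
    """Constructed stand-in for an HTTP client. `network` maps
    "scheme://host" to the body that origin returns; any origin not listed is
    unreachable (blocked, as in the firewall case, or never answered)."""
    parts = urlsplit(url)
    origin = f"{parts.scheme}://{parts.netloc}"
    if origin not in network:
        raise FetchError(f"{origin} unreachable")
    return network[origin]


def fetch_with_scheme_downgrade(network, url):
    """The removed pattern: try the URL as given, and on failure retry the same
    host over http. An attacker who can block TLS to the host decides what the
    http retry returns."""
    try:
        return simulated_fetch(network, url)
    except FetchError:
        parts = urlsplit(url)
        if parts.scheme != "https":
            raise
        downgraded = urlunsplit(("http",) + tuple(parts[1:]))
        return simulated_fetch(network, downgraded)


def fetch_with_host_fallback(network, url, fallback_hosts):
    """Host fallback that keeps the scheme: try https on the primary host, then
    https on each alternate host (e.g. the desktop site when the mobile site is
    blocked). No candidate ever leaves https; if every origin is unreachable the
    request fails rather than falling back to plaintext."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("refusing to fetch over plaintext")
    candidates = [url] + [
        urlunsplit(("https", host) + tuple(parts[2:])) for host in fallback_hosts
    ]
    last_error = None
    for candidate in candidates:
        try:
            return simulated_fetch(network, candidate)
        except FetchError as exc:
            last_error = exc
    raise FetchError(f"all https candidates failed: {last_error}")


# Constructed attacker scenario: TLS to the mobile host is blocked
# (https://m.example.org is absent), the attacker answers plaintext on the
# mobile host, and the desktop host is reachable over https.
ATTACKER_NETWORK = {
    "https://example.org": "<legitimate desktop page>",
    "http://m.example.org": "<attacker-controlled page>",
}

# Constructed scenario with every https origin blocked: nothing legitimate
# can be reached, so the only correct outcome is to fail.
BLOCKED_NETWORK = {
    "http://m.example.org": "<attacker-controlled page>",
    "http://example.org": "<attacker-controlled page>",
}

URL = "https://m.example.org/wiki/Main_Page"


def run_scenario():
    """Return (what the downgrade fallback served, what the host fallback served)."""
    downgraded = fetch_with_scheme_downgrade(ATTACKER_NETWORK, URL)
    same_scheme = fetch_with_host_fallback(ATTACKER_NETWORK, URL, ["example.org"])
    return downgraded, same_scheme


def host_fallback_fails_closed():
    """True if the host fallback refuses to serve anything when all https is blocked."""
    try:
        fetch_with_host_fallback(BLOCKED_NETWORK, URL, ["example.org"])
    except FetchError:
        return True
    return False


if __name__ == "__main__":
    print(run_scenario())
    print("fails closed:", host_fallback_fails_closed())
```

The host fallback is what the firewall workaround described above needed: both candidates stay on https, so the worst case is an error, not an attacker's page. The downgrade path is what the task title refers to, and the point of the patch is that with an https-only cluster there is no legitimate case left for it.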