Page MenuHomePhabricator

Special:CentralAutoLogin/checkLoggedIn redirects to wikimediafoundation.org on Beta Cluster
Closed, InvalidPublic

Description

Observed on http://en.wikipedia.beta.wmflabs.org/wiki/Main_Page
Sequence of events:

http://login.wikimedia.beta.wmflabs.org/wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&wikiid=enwiki&proto=http
301 Moved Permanently
Location:http://wikimediafoundation.org/wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&wikiid=enwiki&proto=http

http://wikimediafoundation.org/wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&wikiid=enwiki&proto=http
307 Internal Redirect
Location:https://wikimediafoundation.org/wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&wikiid=enwiki&proto=http

https://wikimediafoundation.org/wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&wikiid=enwiki&proto=http
404 Not Found

Event Timeline

MaxSem created this task.Feb 12 2016, 12:33 AM
MaxSem raised the priority of this task from to Needs Triage.
MaxSem updated the task description. (Show Details)
MaxSem added subscribers: MaxSem, Anomie, Tgr, bd808.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptFeb 12 2016, 12:33 AM
greg renamed this task from Special:CentralAutoLogin/checkLoggedIn redirects to wikimediafoundation.org on betalabs to Special:CentralAutoLogin/checkLoggedIn redirects to wikimediafoundation.org on Beta Cluster.Feb 12 2016, 12:40 AM
greg set Security to None.
$ curl -v 'http://login.wikimedia.beta.wmflabs.org/wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&wikiid=enwiki&proto=http'
*   Trying 208.80.155.135...
* Connected to login.wikimedia.beta.wmflabs.org (208.80.155.135) port 80 (#0)
> GET /wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&wikiid=enwiki&proto=http HTTP/1.1
> Host: login.wikimedia.beta.wmflabs.org
> User-Agent: curl/7.47.0
> Accept: */*
> 
< HTTP/1.1 301 Moved Permanently
< Server: Apache
< X-Powered-By: HHVM/3.3.0-static
< Location: http://wikimediafoundation.org/wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&wikiid=enwiki&proto=http
< Content-Type: text/html; charset=iso-8859-1
< Vary: X-Forwarded-Proto
< X-Varnish: 525489233, 2009175075 2006602643
< Via: 1.1 varnish, 1.1 varnish
< Transfer-Encoding: chunked
< Date: Fri, 12 Feb 2016 02:40:36 GMT
< Age: 1414095
< Connection: keep-alive
< X-Cache: deployment-cache-text04 miss (0), deployment-cache-text04 frontend hit (13856)
< Set-Cookie: WMF-Last-Access=12-Feb-2016;Path=/;HttpOnly;Expires=Tue, 15 Mar 2016 00:00:00 GMT
< X-Analytics: nocookies=1
< X-Client-IP: XX.XX.XX.XX
< Cache-Control: private, s-maxage=0, max-age=0, must-revalidate
< Set-Cookie: GeoIP=XXXXX:v4; Path=/; Domain=.wmflabs.org
< 
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://wikimediafoundation.org/wiki/Special:CentralAutoLogin/checkLoggedIn?type=script&amp;wikiid=enwiki&amp;proto=http">here</a>.</p>
</body></html>
* Connection #0 to host login.wikimedia.beta.wmflabs.org left intact
$ curl -v 'http://login.wikimedia.beta.wmflabs.org/wiki/Special:CentralAutoLogin/checkLoggedIn?wikiid=enwiki&proto=http&type=script'
*   Trying 208.80.155.135...
* Connected to login.wikimedia.beta.wmflabs.org (208.80.155.135) port 80 (#0)
> GET /wiki/Special:CentralAutoLogin/checkLoggedIn?wikiid=enwiki&proto=http&type=script HTTP/1.1
> Host: login.wikimedia.beta.wmflabs.org
> User-Agent: curl/7.47.0
> Accept: */*
> 
< HTTP/1.1 200 OK
< Server: Apache
< X-Powered-By: HHVM/3.6.5
< X-Content-Type-Options: nosniff
< P3P: CP="This is not a P3P policy! See http://login.wikimedia.beta.wmflabs.org/wiki/Special:CentralAutoLogin/P3P for more info."
< Vary: Accept-Encoding,Cookie,Authorization
< Backend-Timing: D=158201 t=1455245075339790
< Content-Type: text/javascript; charset=utf-8
< X-Varnish: 1934230840, 2009176186
< Via: 1.1 varnish, 1.1 varnish
< Transfer-Encoding: chunked
< Date: Fri, 12 Feb 2016 02:44:35 GMT
< Age: 0
< Connection: keep-alive
< X-Cache: deployment-cache-text04 miss (0), deployment-cache-text04 frontend miss (0)
< Set-Cookie: WMF-Last-Access=12-Feb-2016;Path=/;HttpOnly;Expires=Tue, 15 Mar 2016 00:00:00 GMT
< X-Analytics: nocookies=1
< X-Client-IP: XX.XX.XX.XX
< Cache-Control: private, s-maxage=0, max-age=0, must-revalidate
< Set-Cookie: GeoIP=XXXXX:v4; Path=/; Domain=.wmflabs.org
< 
/* Not centrally logged in */
* Connection #0 to host login.wikimedia.beta.wmflabs.org left intact
var t=new Date();t.setTime(t.getTime()+86400000);try{localStorage.setItem('CentralAuthAnon',t.getTime());}catch(e){document.cookie='CentralAuthAnon=1; expires='+t.toGMTString()+'; path=/';}

Seems unlikely to be MediaWiki, since the same request with parameters in a different order is being handled differently. The bad response is also missing the X-Content-Type-Options: nosniff header that's added early in WebStart.php, has charset=iso-8859-1 rather than charset=utf-8, and has a redirect body that's more like what Apache generically sets than anything MediaWiki does.

Tgr added a comment.Feb 12 2016, 4:31 AM

Maybe during T124804 some redirect responses got cached.

Krenair closed this task as Invalid.Apr 10 2016, 12:52 AM
Krenair added a subscriber: Krenair.

Likely a cached issue as @Tgr suggested because I can not reproduce this now.