Page MenuHomePhabricator
Create Task
Maniphest T183755

Redirect http to https on new codesearch.wmflabs.org
Closed, ResolvedPublic
Actions

Description

As all wikis using https-everywhere, the tool on wmflabs should do that, too.

http://codesearch.wmflabs.org/search/ -> https://codesearch.wmflabs.org/search/

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Set HSTS header for one daylabs/codesearchmaster+7 -0
Redirect all HTTP requests to HTTPSlabs/codesearchmaster+7 -0
Customize query in gerrit

Related Objects

Event Timeline

Umherirrender created this task.Dec 28 2017, 9:05 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 28 2017, 9:05 PM
Legoktm claimed this task.Dec 29 2017, 7:26 AM
Legoktm subscribed.

Ideally T120486: Set "https_upgrade" configuration flag for domainproxy to enforce HTTPS upgrade for GET|HEAD requests would be implemented, but I think we can probably hack around this the same way as I do in toolforge tools...

gerritbot subscribed.Dec 30 2017, 1:10 AM

Change 400850 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[labs/codesearch@master] Redirect all HTTP requests to HTTPS

https://gerrit.wikimedia.org/r/400850

gerritbot added a project: Patch-For-Review.Dec 30 2017, 1:10 AM

Change 400850 merged by Legoktm:
[labs/codesearch@master] Redirect all HTTP requests to HTTPS

https://gerrit.wikimedia.org/r/400850

Legoktm mentioned this in rLCSH31323914996c: Redirect all HTTP requests to HTTPS.Dec 30 2017, 1:12 AM
Legoktm added a comment.Dec 30 2017, 1:15 AM

So it's HTTPS-only except...

km@km-pt ~> curl -I "https://codesearch.wmflabs.org/" | grep location
location: http://codesearch.wmflabs.org/search/
gerritbot added a comment.Dec 30 2017, 1:22 AM

Change 400858 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[labs/codesearch@master] Set HSTS header for one day

https://gerrit.wikimedia.org/r/400858

gerritbot added a comment.Dec 30 2017, 1:22 AM

Change 400858 merged by Legoktm:
[labs/codesearch@master] Set HSTS header for one day

https://gerrit.wikimedia.org/r/400858

Legoktm mentioned this in rLCSH40b8af49bafc: Set HSTS header for one day.Dec 30 2017, 1:24 AM
Legoktm closed this task as Resolved.Dec 30 2017, 1:26 AM

OK, with HSTS it should always always use HTTPS now.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits