Project Information
- Name of tool/project: SecureLinkFixer
- Project home page: T200745: Automatically rewrite HTTP links to HTTPS for sites in the HSTS preload list & https://www.mediawiki.org/wiki/Extension:SecureLinkFixer
- Name of team requesting review: Platform Engineering
- Primary contact: @Legoktm
- Target date for deployment: End of August?
- Link to code repository / patchset: http://gerrit.wikimedia.org/g/mediawiki/extensions/SecureLinkFixer
Description of the tool/project
Automatically rewrites HTTP links to HTTPS if the domain is on the HSTS preload list.
Description of how the tool will be used at WMF
It'll be deployed in the default configuration (there are no settings) to all wikis. It's a MediaWiki extension.
Dependencies
The extension bundles a PHP version of Mozilla's HSTS preload list. My rough plan is to update the list on a similar cycle to Firefox releases (monthly). I don't think there's any urgency of updates, given that it already takes months for new additions to make their way through the browser release cycle, and removals are pretty rare, and suffer from other problems.
Has this project been reviewed before?
No
Working test environment
Should be as simple as wfLoadExtension( 'SecureLinkFixer' );
Post-deployment
Same maintenance plan.