Page MenuHomePhabricator
Create Task
Maniphest T233090

Should EditURI be calculated using the site's canonical protocol?
Closed, DuplicatePublic
Actions

Description

We're currently including a protocol-relative EditURI on pages, but I'm not sure that makes sense any more. The change dates back to 2011, when we were preparing to migrate from mixed http/https to pure https: rMW6adb2e86a52f485c649b7409c66c5ffde99c082e

Since the edit API requires https to perform any POST request on Wikimedia sites, it seems preferable to use the canonical protocol for EditURI, to reduce the possibility of a client incorrectly producing an http URL. (I just ran into this in T228851.)

Related Objects

Event Timeline

awight created this task.Sep 17 2019, 9:40 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 17 2019, 9:40 AM
Aklapper added a project: MediaWiki-General.Sep 17 2019, 11:42 AM

@awight: Assuming this task is about MediaWiki-General, hence adding project tag so others can find this task when searching for tasks under that project or looking at that project workboard.

Anomie moved this task from Inbox to Triage Meeting Inbox on the Platform Engineering board.Sep 17 2019, 1:46 PM
Anomie subscribed.

It seems to me that if a client is producing an http URL on a Wikimedia site where the page must have been loaded over https, then most likely the client is not following RFC 3986 § 5.1 which would be a bug in the client.

If we do anything here, I'd say it should be T118413: Wikimedia wikis should use https:// in $wgServer so we stop generating protocol-relative links anywhere.

Anomie closed this task as a duplicate of T118413: Wikimedia wikis should use https:// in $wgServer.Sep 17 2019, 6:18 PM

After discussion in our triage meeting, we (CPT) decided this should be closed in favor of T118413: Wikimedia wikis should use https:// in $wgServer.

awight added a comment.Sep 17 2019, 10:14 PM
In T233090#5500369, @Anomie wrote:

After discussion in our triage meeting, we (CPT) decided this should be closed in favor of T118413: Wikimedia wikis should use https:// in $wgServer.

Excellent, thank you for the elegant solution!

awight added a comment.Sep 17 2019, 10:17 PM

One more note—I think this explains a bothersome difference between the beta cluster and production, I've been bitten by these protocol-relative URLs several times now because beta-cluster smoke testing demonstrates different behavior. T118413 should help reconcile the two.

Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:38 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL