Page MenuHomePhabricator

https-links should not be outputted to irc.wikimedia.org (Regression)
Closed, ResolvedPublic

Description

Today I noticed an https-link showing up in the raw recentchanges feed at irc.wikimedia.org, it was this link:

https://commons.wikimedia.org/w/index.php?diff=56725539&oldid=53104016&rcid=57922460


Version: unspecified
Severity: major

Details

Reference
bz29925

Event Timeline

bzimport raised the priority of this task from to High.Nov 21 2014, 11:32 PM
bzimport set Reference to bz29925.
bzimport added a subscriber: Unknown Object (MLST).

Why shouldn't the links be outputted as https?

(In reply to comment #1)

Why shouldn't the links be outputted as https?

Because it breaks their patrolling bots. Which is stupid, but whatever.

There is precedent for this, though: there is code in place to output normal http URLs to IRC instead of https://secure.wikimedia.org URLs. The relevant hack in MediaWiki is Title::getInternalUrl(), $wgInternalServer and the GetInternalUrl hook, all of which date back to 2005 AFAIK. The WMF configuration for this is in wmf-config/secure.php .

I've fixed this in CommonSettings.php as follows:

} elseif ( isset( $_SERVER['HTTP_X_FORWARDED_PROTO'] ) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) {

// New HTTPS service on regular URLs

+ $wgInternalServer = $wgServer; // Keep this as HTTP for IRC notifications (bug 29925)

$wgServer = preg_replace( '/^http:/', 'https:', $wgServer );

} else {

  1. For non-SSL hosts...

(In reply to comment #2)

(In reply to comment #1)

Why shouldn't the links be outputted as https?

Because it breaks their patrolling bots. Which is stupid, but whatever.

It doesn't brake most bots, it brakes the workflow of the users. Their cookie that keeps them logged in to a wiki doesn't apply when they suddenly get a link to a different protocol in the middle of the rest. The links on IRC should all have the same protocol (perhaps wgCanonicalServer?)

Logged in users should be using https... Isn't it more likely that when this is fully rolled out that it's more likely passing out http links will break people's workflow?

(In reply to comment #4)

Logged in users should be using https... Isn't it more likely that when this is
fully rolled out that it's more likely passing out http links will break
people's workflow?

Maybe, maybe not. But it's obvious that there should be a default configured somewhere, and that hyperlinks pushed to an environment independent from the user making the action should all have the same protocol and not the protocol of the user making the change (just like enotifs). Whether the default for udp-recentchanges is http or https will (or should) likely match the default for logged-in users in general.

So long as nobody is getting https by default, it makes sense that non-user specific links are also http.

Right now practically none of the mass readers/editors uses https or https://secure.wm.o

That's because secure is an unreliable POS.

(In reply to comment #3)

The links on IRC should all
have the same protocol (perhaps wgCanonicalServer?)

They use $wgCanonicalServer now, yes.