Page MenuHomePhabricator
Create Task
Maniphest T347476

Set security.require-https to true
Open, Stalled, LowPublic
Actions

Description

We enabled https://phabricator.wikimedia.org/config/edit/diffusion.allow-http-auth/ in April 2014 (prior to deploying Phabricator to production) for reasons I do not remember in T123#1763.
We are getting rid of all and any code repos canonically hosted in Phabricator in T191182: Migrate active repositories in Phabricator Differential to GitLab.

I propose that we should stop offering to git clone repos via http as

  • all code repos on Phabricator will be only mirrors of other places (which are free to offer non-encrypted protocols for cloning)
  • https is offered (and broken ssh, see T347408: Do not expose dead git-ssh.wikimedia.org service as repo Clone URLs (defined in diffusion.ssh-host setting) for that issue) for those who want to clone from Phabricator for some reason.
    • I'd expect any code that pulls or pushes for mirroring to use https or ssh in 2023 and not rely on http (in K13, K18, K19, K32)?
  • it clutters the sometimes huge list of URIs offered when browsing a Diffusion repo in a web browser and clicking the " Clone" button (see parent task)

Related Objects
Search...

Event Timeline

Aklapper triaged this task as Low priority.Sep 27 2023, 11:35 AM
Aklapper created this task.
Aklapper renamed this task from Set diffusion.allow-http-auth to false to Set security.require-https to true.Sep 27 2023, 11:49 AM
Aklapper updated the task description. (Show Details)

Edit: Looks like I was completely wrong per https://we.phorge.it/book/phorge/article/diffusion_uris/ - http would still be offered after setting diffusion.allow-http-auth to false because repository view policy must be "Public" is nearly always true for us.

So it looks like enabling https://phabricator.wikimedia.org/config/edit/security.require-https/ makes more sense to get rid of the http repo clone links.

Aklapper mentioned this in T361997: Expose only canonical Clone URI in Diffusion when repo hosted externally and Differential disabled.Sat, Apr 6, 11:55 AM
Aklapper changed the task status from Open to Stalled.Tue, Apr 16, 4:51 PM

I'd like to stall this on the outcome of T361997 in upstream which might be a way better approach.

Aklapper added a subtask: T361997: Expose only canonical Clone URI in Diffusion when repo hosted externally and Differential disabled.Tue, Apr 16, 4:51 PM
Aklapper moved this task from To Triage to Administration (UI) on the Phabricator board.Sun, Apr 21, 3:27 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL