Version: unspecified
Severity: normal
Whiteboard: storypoints: 2
Description
Description
Details
Details
- Reference
- bz40550
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Resolved | Reedy | T40975 Deployment of Wikidata to Wikimedia wikis (tracking) | |||
| Resolved | None | T42000 Deploy wikidata.org with the Wikidata repository | |||
| Resolved | None | T42573 Backport fixes to Wikibase v0.1 | |||
| Resolved | None | T42550 Use http get with https whenever possible |
Event Timeline
Comment Actions
There were two place you're calling Http::get(), it would be nice if they could both be forced to use https. It looks like you're using the data pulled back to populate objects, which is fine for the objects you're currently using, but if you start building objects that could effect access control, then you want to make sure you have the correct data.
Comment Actions
Partial fix in Idf0a6547, but that does not address the issues raised about HTTP requests from the MediaWikiSite class. If I remember the discussion correctly, we agreed that any protocol-relative base URL should default to using HTTPs - at least for Wikimedia sites. That needs additional work.
Comment Actions
With the patch in https://gerrit.wikimedia.org/r/#/c/25509/ and doing a fresh install of MW + Wikibase repo (running maintenance/update.php), I get the following error:
Warning: Invalid argument supplied for foreach() in /Library/WebServer/Documents/wikidata-repo/extensions/Wikibase/lib/includes/Utils.php on line 88
When I change the "https" back to "http", then it works. There must be some other solution for this to work correctly.