Login with http throws ugly error
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Qgil
	Sep 18 2014, 8:16 AM

Tags

Referenced Files

None

Subscribers

Description

Login to http://phabricator.wikimedia.org ends up in an ugly error message. I guess we shouldn't allow anybody to login from http in the first place? Only https (which seems to work just fine).

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved		Qgil	T553 Engineering Community team goals for October 2014
		Resolved		Qgil	T174 Launch Wikimedia Phabricator Day 1
		Declined		Qgil	T375 Aligning Phabricator account restrictions with Wikimedia's
		Resolved		• mmodell	T258 Publicly show which MediaWiki.org account a Phabricator account is associated with
		Resolved		• chasemp	T463 Enable registration for everybody at phabricator.wikimedia.org
		Resolved		• chasemp	T346 configure LDAP and SUL for phab instance
		Resolved		• mmodell	T186 Implement WMF SUL Authentication
		Resolved		• chasemp	T465 phabricator.wikimedia.org kicks you out too soon
		Resolved		• chasemp	T457 Login with http throws ugly error

Event Timeline

Qgil created this task.Sep 18 2014, 8:16 AM

Qgil assigned this task to • chasemp.

Qgil raised the priority of this task from to High.

Qgil updated the task description. (Show Details)

Qgil added a project: Phabricator-Production-Instance.

Qgil changed Security from none to None.

Qgil added subscribers: Qgil, Aklapper.

Hmm, guess that https://gerrit.wikimedia.org/r/#/c/160588/ and https://gerrit.wikimedia.org/r/#/c/160780/ was only for the backend.

Proposing to enforce/redirect to https.

Qgil moved this task from Backlog to Ready to Go on the Phabricator-Production-Instance board.Sep 19 2014, 2:56 PM

Yes, we should enforce HTTPS-only on Phabricator. We've done it on Gerrit & Bugzilla for years.

This was fixed by Daniel and Chase: https://gerrit.wikimedia.org/r/162534

jeremyb subscribed.Sep 24 2014, 7:19 PM