Insecure POST: 20% fail for labs, 100% for external
Previously, all insecure traffic was failing for 10% of requests
randomly, with an exception for Merlbot, which runs in labs. The
announced plan was to break 100% of insecure traffic on
This change instead raises the failure rate to 20% for all of labs
(including Merlbot) on 2016-07-12, and completely breaks only
external insecure traffic. The plan from here is to finish
breaking all the insecure traffic a week later on 2016-07-19.
This will give us a final week (assuming the bots retry failed
requests!) to try to work with bot owners and authors whose code
is running in our labs infrastructure before pulling the plug on
insecure access completely.