> Can we force HTTPS for the game so we're not leaking usernames over cleartext > HTTP? (not just because the edits can be correlated with who was asked about > them but also the game interface displays your username and a user could do > Wikidata actions in your name if they got your HTTP cookie in the clear)
I would support this change. Thank you, Derric Atzrott From: gendergap-boun...@lists.wikimedia.org [mailto:gendergap-boun...@lists.wikimedia.org] On Behalf Of Jeremy Baron Sent: 22 May 2014 00:00 To: Increasing female participation in Wikimedia projects Subject: Re: [Gendergap] Wikidata, gamification and gender FYI, msg from another list below. -Jeremy ---------- Forwarded message ---------- From: "Jeremy Baron" <jer...@tuxmachine.com> Date: May 21, 2014 11:58 PM Subject: Re: [WikimediaMobile] micro-contributions on mobile via wikidata To: "Magnus Manske" <magnusman...@googlemail.com> Cc: "mobile-l" <mobil...@lists.wikimedia.org> > On May 21, 2014 9:55 PM, "Jeremy Baron" <jer...@tuxmachine.com> wrote: > > On May 21, 2014 9:07 PM, "Erik Moeller" <e...@wikimedia.org> wrote: > > > On Wed, May 21, 2014 at 2:17 PM, Ryan Kaldari <rkald...@wikimedia.org> > > > wrote: > > > > Most of these "games" would be great in a mobile context. > > > > > > The current design is already responsive - but I wasn't able to > > > actually get the OAuth authorization to work on mobile, at least not > > > on Firefox/Android :( > > > > I just did it with Firefox. I think I first hit "allow" on desktop > > MediaWiki and then got an "application connection error" from mobile. > > Unknown OAuth key, E006. > > > > Then went back to tool labs, hit the button again and back to desktop > > MediaWiki. Now the dialog had some bad styles or something so some of the > > text was hidden and I couldn't see the buttons at all. Manually changed URL > > from www.mediawiki.org → m.mediawiki.org and then authorized through > > mobilefrontend and finally got the game working. > > A couple more issues (but not strictly mobile things): > > * You may want to avoid merges/"same item" tasks until > https://www.wikidata.org/w/index.php?title=Wikidata:Requests_for_deletions > <https://www.wikidata.org/w/index.php?title=Wikidata:Requests_for_deletions&oldid=132186913> > &oldid=132186913 is resolved. > * Can we force HTTPS for the game so we're not leaking usernames over > cleartext HTTP? (not just because the edits can be correlated with who was > asked about them but also the game interface displays your username and a > user could do Wikidata actions in your name if they got your HTTP cookie in > the clear) > > Thanks > > -Jeremy
_______________________________________________ Gendergap mailing list Gendergap@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/gendergap