https://bugzilla.wikimedia.org/show_bug.cgi?id=35215
Matt Walker <mwal...@wikimedia.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mwal...@wikimedia.org
--- Comment #15 from Matt Walker <mwal...@wikimedia.org> ---
In theory, when someone accesses HTTPS they're doing it because they're
concerned about their privacy/security. There may be concerns that their mobile
carrier is injecting things, or that some national agency is monitoring their
communications, or ??? It doesn't really matter though -- a user has requested
we respect their privacy and then we go ahead and ignore it. Even beyond that;
this is seriously unexpected behavior and it's not announced to the user that
this is happening. This should be fixed immediately.
It also causes issues with other extensions being deployed to the mobile site.
E.g. CentralNotice when it makes its RecordImpression call.
It's stupid to hang this bug on varnish maybe, or maybe not, having been
deployed. Given that this is 2013Q2 apparently the varnish deploy has been
pushed back.
!!! Let's fix this by redirecting everything to HTTPS. !!!
Not only is redirecting everything to HTTPS respectful to users wishes; it's
also not unexpected -- HTTP to HTTPS promotion is commonly seen and does not
cause CORS issues.
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
