https://bugzilla.wikimedia.org/show_bug.cgi?id=35215
Matt Walker <mwal...@wikimedia.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mwal...@wikimedia.org --- Comment #15 from Matt Walker <mwal...@wikimedia.org> --- In theory, when someone accesses HTTPS they're doing it because they're concerned about their privacy/security. There may be concerns that their mobile carrier is injecting things, or that some national agency is monitoring their communications, or ??? It doesn't really matter though -- a user has requested we respect their privacy and then we go ahead and ignore it. Even beyond that; this is seriously unexpected behavior and it's not announced to the user that this is happening. This should be fixed immediately. It also causes issues with other extensions being deployed to the mobile site. E.g. CentralNotice when it makes its RecordImpression call. It's stupid to hang this bug on varnish maybe, or maybe not, having been deployed. Given that this is 2013Q2 apparently the varnish deploy has been pushed back. !!! Let's fix this by redirecting everything to HTTPS. !!! Not only is redirecting everything to HTTPS respectful to users wishes; it's also not unexpected -- HTTP to HTTPS promotion is commonly seen and does not cause CORS issues. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l