Walter McGinnis wrote: >>> All this boils down to, yes full HTTPS is best practice, but if you make use >>> of external APIs or services, it may be hard to achieve. >> >> Using an external API or service by including stuff from third-party >> sites would send users' IP addresses to those sites, which would >> violate Wikimedia's privacy policy, so this isn't an issue for us. > > Fair enough. Every situation is different. As I had recently attempted to go > full HTTPS with a project, I thought I would share my experience of what it > takes in practice.
Well, as someone else somewhat noted in this thread, Aryeh isn't completely correct. The Toolserver has external APIs and services that are used via JavaScript from Wikimedia wikis. More information is available about the Toolserver here: <https://wiki.toolserver.org/view/FAQ>. I appreciate you sharing your experience. Part of the resourcefulness of this list is learning how others have implemented solutions, including understanding what worked well and what didn't and why. MZMcBride _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
