Demon has uploaded a new change for review.
https://gerrit.wikimedia.org/r/79962
Change subject: Add some logging for weird redirected POSTs
......................................................................
Add some logging for weird redirected POSTs
Change-Id: Ib19ebc2306e85fdb8c29b5850f2306bec7907938
---
M includes/Wiki.php
1 file changed, 14 insertions(+), 2 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core
refs/changes/62/79962/1
diff --git a/includes/Wiki.php b/includes/Wiki.php
index 6e72b9d..998ec41 100644
--- a/includes/Wiki.php
+++ b/includes/Wiki.php
@@ -513,8 +513,20 @@
) &&
$request->detectProtocol() == 'http'
) {
- $redirUrl = $request->getFullRequestURL();
- $redirUrl = str_replace( 'http://', 'https://',
$redirUrl );
+ $oldUrl = $request->getFullRequestURL();
+ $redirUrl = str_replace( 'http://', 'https://', $oldUrl
);
+
+ if ( $request->wasPosted() ) {
+ // This is weird and we'd hope it almost never
happens. This
+ // means that a POST came in via HTTP and
policy requires us
+ // redirecting to HTTPS. It's likely such a
request is going
+ // to fail due to post data being lost, but
let's try anyway
+ // and just log the instance.
+ //
+ // @todo @fixme See if we could issue a 307 or
308 here, need
+ // to see how clients (automated & browser)
behave when we do
+ wfDebugLog( 'RedirectedPosts', "Redirected from
HTTP to HTTPS: $oldUrl" );
+ }
// Setup dummy Title, otherwise OutputPage::redirect
will fail
$title = Title::newFromText( NS_MAIN, 'REDIR' );
--
To view, visit https://gerrit.wikimedia.org/r/79962
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ib19ebc2306e85fdb8c29b5850f2306bec7907938
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: wmf/1.22wmf12
Gerrit-Owner: Demon <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
