[MediaWiki-commits] [Gerrit] Allow insecure external surveys - change (mediawiki...QuickSurveys)

2015-10-28 Thread jenkins-bot (Code Review) 
jenkins-bot has submitted this change and it was merged.

Change subject: Allow insecure external surveys
..


Allow insecure external surveys

I don't think that we should encourage sites to do this but it's been
suggested 3rd parties might want to use http.

I don't really care either way but have broken out this separate patch
in case we want to consider it (but in my opinion YAGNI)

Change-Id: I6ecb657782d21352519a99bb76494cf39e2211b5
---
M README.md
M extension.json
M includes/QuickSurveys.hooks.php
M resources/ext.quicksurveys.lib/lib.js
4 files changed, 7 insertions(+), 1 deletion(-)

Approvals:
  Jhobs: Looks good to me, but someone else must approve
  Bmansurov: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/README.md b/README.md
index 4bacff1..dcc7226 100644
--- a/README.md
+++ b/README.md
@@ -39,3 +39,5 @@
),
 );
 ```
+You can enable insecure external surveys by enabling 
`wgQuickSurveysRequireHttps` however this is discouraged.
+This will allow you to run a survey from an external website that runs only on 
http.
diff --git a/extension.json b/extension.json
index d3b7eea..1ac2607 100644
--- a/extension.json
+++ b/extension.json
@@ -129,6 +129,7 @@
]
},
"config": {
+   "QuickSurveysRequireHttps": false,
"QuickSurveysConfig": [
{
"@name": "survey name",
diff --git a/includes/QuickSurveys.hooks.php b/includes/QuickSurveys.hooks.php
index b4fb2aa..f586a90 100644
--- a/includes/QuickSurveys.hooks.php
+++ b/includes/QuickSurveys.hooks.php
@@ -55,7 +55,10 @@
 * @return boolean
 */
public static function onResourceLoaderGetConfigVars( &$vars ) {
+   global $wgQuickSurveysRequireHttps;
+
$surveys = self::getEnabledSurveys();
+   $vars['wgQuickSurveysRequireHttps'] = 
$wgQuickSurveysRequireHttps;
$vars['wgEnabledQuickSurveys']= array_map( function ( Survey 
$survey ) {
return $survey->toArray();
}, $surveys );
diff --git a/resources/ext.quicksurveys.lib/lib.js 
b/resources/ext.quicksurveys.lib/lib.js
index 10184cf..71eac4f 100644
--- a/resources/ext.quicksurveys.lib/lib.js
+++ b/resources/ext.quicksurveys.lib/lib.js
@@ -47,7 +47,7 @@
 */
function isValidSurvey( survey ) {
if ( survey.type === 'external' ) {
-   if ( survey.isInsecure ) {
+   if ( survey.isInsecure && mw.config.get( 
'wgQuickSurveysRequireHttps' ) ) {
mw.log.warn( 'QuickSurvey with name ' + 
survey.name + ' has insecure survey link and will not be shown.' );
return false;
}

-- 
To view, visit https://gerrit.wikimedia.org/r/246251
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I6ecb657782d21352519a99bb76494cf39e2211b5
Gerrit-PatchSet: 3
Gerrit-Project: mediawiki/extensions/QuickSurveys
Gerrit-Branch: dev
Gerrit-Owner: Jdlrobson 
Gerrit-Reviewer: Alex Monk 
Gerrit-Reviewer: Bmansurov 
Gerrit-Reviewer: CSteipp 
Gerrit-Reviewer: Jhobs 
Gerrit-Reviewer: jenkins-bot <>

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Allow insecure external surveys - change (mediawiki...QuickSurveys)

2015-10-14 Thread Jdlrobson (Code Review) 
Jdlrobson has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/246251

Change subject: Allow insecure external surveys
..

Allow insecure external surveys

I don't think that we should encourage sites to do this but it's been
suggested 3rd parties might want to use http.

I don't really care either way but have broken out this separate patch
in case we want to consider it (but in my opinion YAGNI)

Change-Id: I6ecb657782d21352519a99bb76494cf39e2211b5
---
M extension.json
M includes/QuickSurveys.hooks.php
M resources/ext.quicksurveys.lib/lib.js
3 files changed, 5 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/QuickSurveys 
refs/changes/51/246251/1

diff --git a/extension.json b/extension.json
index d3b7eea..1ac2607 100644
--- a/extension.json
+++ b/extension.json
@@ -129,6 +129,7 @@
]
},
"config": {
+   "QuickSurveysRequireHttps": false,
"QuickSurveysConfig": [
{
"@name": "survey name",
diff --git a/includes/QuickSurveys.hooks.php b/includes/QuickSurveys.hooks.php
index b4fb2aa..f586a90 100644
--- a/includes/QuickSurveys.hooks.php
+++ b/includes/QuickSurveys.hooks.php
@@ -55,7 +55,10 @@
 * @return boolean
 */
public static function onResourceLoaderGetConfigVars( &$vars ) {
+   global $wgQuickSurveysRequireHttps;
+
$surveys = self::getEnabledSurveys();
+   $vars['wgQuickSurveysRequireHttps'] = 
$wgQuickSurveysRequireHttps;
$vars['wgEnabledQuickSurveys']= array_map( function ( Survey 
$survey ) {
return $survey->toArray();
}, $surveys );
diff --git a/resources/ext.quicksurveys.lib/lib.js 
b/resources/ext.quicksurveys.lib/lib.js
index 0dd2b74..263eff4 100644
--- a/resources/ext.quicksurveys.lib/lib.js
+++ b/resources/ext.quicksurveys.lib/lib.js
@@ -47,7 +47,7 @@
 */
function isValidSurvey( survey ) {
if ( survey.type === 'external' ) {
-   if ( survey.isInsecure ) {
+   if ( survey.isInsecure && mw.config.get( 
'wgQuickSurveysRequireHttps' ) ) {
mw.log.warn( 'QuickSurvey with name ' + 
survey.name + ' has insecure survey link and will not be shown.' );
return false;
}

-- 
To view, visit https://gerrit.wikimedia.org/r/246251
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I6ecb657782d21352519a99bb76494cf39e2211b5
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/QuickSurveys
Gerrit-Branch: dev
Gerrit-Owner: Jdlrobson 

___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits