subject:"\[Wikidata\-bugs\] \[Maniphest\] \[Updated\] T150290\: add CORS to all redirecs in chain from https\:\/\/www.wikidata.org\/entity\/\{Q...\}"

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

2017-10-11 Thread Lucas_Werkmeister_WMDE

Lucas_Werkmeister_WMDE added a comment.
I don't think Apache has a nice way to set additional headers in these cases (only).

I found this blog post while looking into the similar issue T177966 – TL;DR: set an environment variable in the redirect (E=acoa:1) and add a Header always set directive with that environment variable as condition (env=acoa). I guess it’s not very nice, but it’s possible (unless something in Wikimedia’s Apache setup prevents it).

Thiemo pointed out another complication: our canonical URIs are HTTP, not HTTPS. There is a redirect from the HTTP URL to the HTTPS URL.

wikidata.org is on the HSTS preload list used by Chrome, Firefox, Opera, Safari, IE11, and Edge, so those clients should immediately use the HTTPS version. Are there any clients that don’t use this HSTS preload list but still apply same-origin restrictions? (There’s also a task for switching the canonical URIs to HTTPS – T153563 – but it’s not clear if it should be done.)TASK DETAILhttps://phabricator.wikimedia.org/T150290EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: Lucas_Werkmeister_WMDECc: Lucas_Werkmeister_WMDE, thiemowmde, gerritbot, hoo, daniel, Aklapper, elf-pavlik, GoranSMilovanovic, QZanden, Wikidata-bugs, aude, Mbch331___
Wikidata-bugs mailing list
Wikidata-bugs@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

2016-11-18 Thread thiemowmde

thiemowmde added a project: Wikidata-Sprint-2016-11-15.
TASK DETAILhttps://phabricator.wikimedia.org/T150290EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: hoo, thiemowmdeCc: thiemowmde, gerritbot, hoo, daniel, Aklapper, elf-pavlik, Lewizho99, Maathavan, D3r1ck01, Izno, Wikidata-bugs, aude, Mbch331___
Wikidata-bugs mailing list
Wikidata-bugs@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

2016-11-10 Thread daniel

daniel added a subtask: T119536: [RFC] should wikidata.org/entity/Q12345 do content negotiation, instead of redirecting to wikidata.org/wiki/Special:EntityData/Q36661 first?.
TASK DETAILhttps://phabricator.wikimedia.org/T150290EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: hoo, danielCc: thiemowmde, gerritbot, hoo, daniel, Aklapper, elf-pavlik, Lewizho99, Maathavan, D3r1ck01, Izno, Wikidata-bugs, aude, Mbch331___
Wikidata-bugs mailing list
Wikidata-bugs@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

2016-11-09 Thread hoo

hoo added a comment.
I've just added a patch for always setting the CORS header for Special:EntityData, but that will only solve part of the problem here.

A potential solution I could think of would be to ProxyPass the /entity/ (and related) redirects to the special page. That would also solve us T119536 for free, as far as I can tell.TASK DETAILhttps://phabricator.wikimedia.org/T150290EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: hooCc: gerritbot, hoo, daniel, Aklapper, elf-pavlik, Lewizho99, Maathavan, D3r1ck01, Izno, Wikidata-bugs, aude, Mbch331___
Wikidata-bugs mailing list
Wikidata-bugs@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

2016-11-09 Thread gerritbot

gerritbot added a project: Patch-For-Review.
TASK DETAILhttps://phabricator.wikimedia.org/T150290EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: gerritbotCc: gerritbot, hoo, daniel, Aklapper, elf-pavlik, Lewizho99, Maathavan, D3r1ck01, Izno, Wikidata-bugs, aude, Mbch331___
Wikidata-bugs mailing list
Wikidata-bugs@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

[Wikidata-bugs] [Maniphest] [Updated] T150290: add CORS to all redirecs in chain from https://www.wikidata.org/entity/{Q...}

5 matches

Site Navigation

Mail list logo

Footer information