https://bugzilla.wikimedia.org/show_bug.cgi?id=40679
--- Comment #9 from Krinkle <[email protected]> 2012-10-02 03:08:17 UTC --- (In reply to comment #0) > When $wgServer has a scheme, i.e., it is not protocol-relative, which happens > to be the default, wfExpandUrl( ..., PROTO_HTTPS ) will give an HTTP link. > This > causes ResourceLoader content to be loaded over an insecure connection. It > also > causes redirect loops when redirecting to HTTPS using wfExpandUrl. If your server supports HTTPS and redirects HTTP to HTTPS, why set $wgServer to an HTTP protocol? I'd say set it to HTTPS, or protocol-relative if you want to support both. This doesn't make sense.. wfExpandUrl only expands the url, never changes it. If it contains http:// that is left alone, because users tend to set http for a reason, indicating it doesn't support https. Otherwise there is no reason to set it to http. (In reply to comment #5) > (In reply to comment #2) > > Moreover, doesn't setting $wgServer to an HTTP URL result in HTTP URLs > > appearing in articles, even when viewing them over HTTPS? > > Yes, almost all links to load.php and api.php urls are full urls that start > with http://. That is, if $wgServer is set to a http://server If wgServer is set to a protocol-relative url, then it will (obviously) not do that. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
