https://bugzilla.wikimedia.org/show_bug.cgi?id=40679
Krinkle <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|Unprioritized |Normal CC| |[email protected] Summary|Setting $wgServer with |http $wgServer with |protocol causes redirect |$wgSecureLogin should not |loops when redirecting to |infinitely self-redirect |HTTPS | --- Comment #21 from Krinkle <[email protected]> 2012-10-03 00:01:27 UTC --- (In reply to comment #20) > (In reply to comment #19) > > 2 is a bug, yes. I wonder how that happens. Where does MediaWiki produce a > > redirect to HTTPS if server includes http://? That should be impossible. > > The change in > https://gerrit.wikimedia.org/r/#/c/25530/1/includes/specials/SpecialUserlogin.php > on line 152 is what does the redirect. It redirects to the output of > wfExpandUrl with PROTO_HTTPS passed in. Since wfExpandUrl returns an http > link, > the page keeps redirecting. > Interesting, yeah, I can see how that fails. I was thinking it would redirect in a loop between http and https, but that didn't make sense. I suppose we could check the protocol in $wgServer in Setup.php and disable $wgSecureLogin accordingly. Either that, or throw an exception. I think we normally do silent failures for configs, which would be fine. Though I could also understand an exception, as it is consistent (e.g. not like you change config, site looks fine, and then later it starts throwing exceptions). -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
