https://bugzilla.wikimedia.org/show_bug.cgi?id=40968
Daniel Friesen <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mediawiki-bugs@nadir-seen-f | |ire.com --- Comment #3 from Daniel Friesen <[email protected]> 2012-10-12 03:18:24 UTC --- (In reply to comment #2) > Say you're using an extension like Extension:Persona. It does login through an > AJAX API request. However, if you have $wgSecureLogin enabled, it cannot (or > rather should not) use HTTP for transmission of the login request. Right now > AFAIK there is no way to tell mw.Api to use HTTPS instead. Even though the script in question handling the login on the wiki could be malicious since it was delivered with http? -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
