https://bugzilla.wikimedia.org/show_bug.cgi?id=69319
--- Comment #2 from Chris Steipp <cste...@wikimedia.org> --- login.wikimedia.org really should never be visited by end users, and users don't have edit rights there. That is why they can't edit any preferences. The preference on loginwiki has almost no impact on your use of https on other wikis (unless you're actually putting in your username and password there). It will enforce that the actual login handshake (which is uncachable anyway, since we're logging you in) goes over https if you're not from China/Iran. I think the issue Cometstyles is hitting is that logging into a project that didn't have the preference set (ie., zh.wikipedia.org), and we set the forceHTTPS cookie at the top-level domain for the project (.wikipedia.org), so other wikis in project would start redirecting to https, even though their cookies are good for both http and https. The fix for this is either a global preference, which unfortunately we don't have yet. Or we set forceHTTPS per wiki, which was actually the original design, but was changed a while back because it makes it really hard to usefully examine your cookies. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
