https://bugzilla.wikimedia.org/show_bug.cgi?id=29898
Web browser: ---
Bug #: 29898
Summary: User preference for HTTP vs HTTPS while logged in
Product: MediaWiki
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: User preferences
AssignedTo: [email protected]
ReportedBy: [email protected]
CC: [email protected]
Blocks: 29878
Classification: Unclassified
With the early protocol-relative link HTTP+HTTPS parallel deployments starting
(bug 20643), we notice there's not currently any way to specify that, as a
particular user account, you want to make sure you log in on HTTPS only. This
means it's easy to accidentally log in insecurely even though you wanted to log
in securely.
(This should also be sometimes on by default to force all sessions to be secure
-- $wgSecureLogin sorta goes in this direction but doesn't force everything.)
In addition to making sure you're automatically sent through to the secure
version (or not), this will allow users to receive the appropriate URL scheme
in their email notifications: bug 29878.
Bonus points for being able to redirect from http to https links in order to
bump over to a live SSL login session when following generic links found
elsewhere. (may need another bug)
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
