On 2/13/09 3:36 PM, Chad wrote:
>> On Feb 13, 2009 6:28 PM, "Erik Moeller" wrote:
>> On any wiki where there's an operation restricted to logged in users,
>> the error message "You must be logged in .." is shown with a link to
>> the login form. Is there a reason (other than "not coded yet") why
>> this login form isn't rendered directly onto the error page, skipping
>> one step?
>
> You hit it right on the head. No reason it can't be there
> already. I believe there's a bug open about it.

This idea has been kicked around for a while, but there's a potential snag -- one issue is that we want to be able to move the login form to SSL consistently so we're not sending passwords around unencrypted.

If we embed the form directly into error message output, then we have two possibilities:

1) We have a form on an _insecure_ page which _submits_ to a secure page. This is an unsafe practice -- you don't know that the form is safe; even if you check the <form action> value it might actually be hacked to submit somewhere else by JavaScript if you've been hit by a MITM attack or sent to a malicious site via hacked DNS. Honestly this creeps me out when my bank does this. :) Possibly however we don't care that much. :D

2) We could redirect to the same error page *on* the SSL server, so it's a secure form now, but possibly unexpectedly. Redirecting might not be feasible for all cases (e.g. the result of a POST submission).

-- brion

_______________________________________________
Wikitech-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
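Brion's first case (a password form served on a plain-HTTP page that posts to an HTTPS endpoint) is something a site audit can flag mechanically. The Python below is an added example, not MediaWiki code or anything from the thread; the hostnames and the error-page HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormScanner(HTMLParser):
    """Collect [action, has_password_field] for every <form> in a document."""

    def __init__(self):
        super().__init__()
        self.forms = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = [a.get("action") or "", False]
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (a.get("type") or "text").lower() == "password":
                self._current[1] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def classify_login_forms(page_url, html):
    """Return (resolved_action, verdict) for each form that carries a password field.

    Note: a verdict of 'ok' only means the markup as received is consistent; a page
    fetched over HTTP can itself have been rewritten in transit, so the action
    attribute of a form on an insecure page proves nothing (Brion's point 1).
    """
    scanner = _FormScanner()
    scanner.feed(html)
    page_scheme = urlsplit(page_url).scheme
    results = []
    for action, has_password in scanner.forms:
        if not has_password:
            continue
        target = urljoin(page_url, action)  # empty action submits back to the page
        target_scheme = urlsplit(target).scheme
        if page_scheme == "https" and target_scheme == "https":
            verdict = "ok"
        elif page_scheme == "http" and target_scheme == "https":
            verdict = "insecure-page-secure-action"  # the case discussed in the thread
        elif target_scheme == "http":
            verdict = "plaintext-submission"
        else:
            verdict = "unknown"
        results.append((target, verdict))
    return results


# Constructed sample: a permission-error page with the login form embedded inline.
ERROR_PAGE_HTML = """<html><body><p>You must be logged in to upload files.</p>
<form action="https://secure.wiki.example/index.php?title=Special:UserLogin" method="post">
<input type="text" name="wpName"><input type="password" name="wpPassword">
<input type="submit" value="Log in"></form>
<form action="/index.php?title=Special:Search"><input name="search"></form>
</body></html>"""
```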
