On Fri, Jun 17, 2011 at 4:02 PM, Roan Kattouw <[email protected]>wrote:
> On Sat, Jun 18, 2011 at 12:56 AM, Brion Vibber <[email protected]> wrote: > > Great that we have a list! :D > > > > Do make sure that all of those individual settings get tested before > > touching the production cluster; > Well that's what the testwiki thing is for :) > IIRC testwiki shares a lot of infrastructure and common configuration with the rest of the sites, so unless it's been given an isolated set of config files & interwiki database files, still be careful. :) > > > I'd be particularly worried about the > > possibility of exposing '//domain/something' style URLs into output that > > requires a fully-clickable link. > > > I don't quite get this -- the example below refers to API output, and > you're right we need to really output absolute URLs there (good > catch!), but I don't see any other scenario where outputting > protocol-relative URLs would be bad. Maybe RSS feeds, too, and non-UI > things in general, but really everything in the UI ought to be fair > game, right? > Almost everything in web UI should be pretty much fine yes -- I really mean things where the URL ends up someplace *outside* a browser, directly or indirectly, and then needs to be resolved and used without the browser's context. Places you definitely want some full URLs include: * api * additional specialty APIs (say, movie embedding links) * feeds (in at least some places) * email * export XML that contains URLs for files or pages There may be other things that we just haven't thought of, which is why I wanted to raise it. > > > But some like the interwikis may be assuming fully-qualified URLs; for > > instance on API results those should probably return fully-qualified URLs > > but they're probably not running through wfExpandURL. > > > Good point, but I'm more worried about the reverse TBH: what if > there's some code that runs stuff through wfExpandUrl() even though it > could, and maybe even should, be protocol-relative? > Also worth checking for! I'm less worried about those though since the worst case result is "status quo". :) -- brion _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
