On Mon, Aug 19, 2013 at 6:21 PM, Risker <[email protected]> wrote: > On 19 August 2013 21:09, Ryan Lane <[email protected]> wrote: > > > On Mon, Aug 19, 2013 at 6:03 PM, Risker <[email protected]> wrote: > > > > > On 19 August 2013 20:35, Chad <[email protected]> wrote: > > > > > > > On Mon, Aug 19, 2013 at 5:32 PM, Tyler Romeo <[email protected]> > > > wrote: > > > > > > > > > Quick question: will the patch that was just merged regarding > > removing > > > > the > > > > > "Stay on HTTPS" checkbox be deployed by then? Or will that be a > > > separate > > > > > deployment? > > > > > > > > > > > > > > I'm going to work on getting that merged to all relevant branches > > > > either tonight or tomorrow, so yes, it will be included. > > > > > > > > > > > Congrats to everyone for getting this going. Is there a workaround > > > available for people behind the Great Firewall to log into projects in > > > languages other than those that are exempted? If so, what is the best > > way > > > for those individual users to contact Operations or whoever, outside of > > > IRC? I'm fairly certain some of those users may not want to have to > > > publicize their locations. I see mention of an email address: could > that > > > be created before the change please? > > > > > > > > Some projects are being left out of the initial rollout. Users that use > > those projects as their home wiki will still log-in to HTTP by default > and > > will get a central auth cookie that will work for other projects as well. > > > > Users who are logged in over HTTPS and feel that it is too slow for their > > area or device can disable HTTPS redirection in their preferences to > > continue using the site in HTTP mode. > > > > - Ryan > > > > > Okay, perhaps I wasn't clear. What I am referring to are editors from > China or Iran who regularly log into projects that will be covered with > HTTPS, as we know that HTTPS is (at least sometimes) blocked in those > countries. Remember that you're including Commons, Meta, and all English > projects - and yes, it is the right thing to do. But we do have a > non-negligible number of users (including administrators and stewards) who > will need to have a way to access these projects. Do you have a way to > exempt them? > > As I mentioned above. As long as they log-in to their home wiki, they will get a central auth cookie that will keep them logged-in on every other project, which includes commons, meta, etc. If they visit other projects as an anonymous user and try to log in, they'll be redirected to HTTPS, which will fail.
- Ryan _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
