Hi all, I am running MediaWiki 1.26, and trying to force it to be all-SSL, all the time, excepting a particular Special: page. To that end, I have code which makes the following method call from a 'BeforeInitialize' hook:
$this->output->redirect($https_url, 301); However, by the time processing gets to OutputPage:output() method, the OutputPage::$mRedirect attribute is empty. I think this is because our wiki is also configured to require logins to read, and when accessing it as anonymous user on plaintext port, OutputPage::prepareErrorPage gets run AFTER we send the SSL redirect, but BEFORE the actual output rendering occurs. My simple solution to this is to forcibly invoke OutputPage::Output on the spot, right there in the 'BeforeInitialize' hook: $this->output->redirect($https_url, 301); $this->output->output(); However, while it LOOKS safe (because OutputPage::output does a return after setting redirects, rather than continue on to process output), I still have a bad feeling about this. I don't like messing with order-of-execution in such a crude manner. Can anyone either confirm that it's safe, or offer a superior alternative - a way of forcing a redirect safely, even if an ErrorPage would be rendered otherwise? I know that I can use PHP's 'header' method directly, but that also skips MediaWiki housekeeping, so I don't particularly like that route either. Thanks in advance! _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
