Page MenuHomePhabricator
Create Task
Maniphest T49653

wikimedia.de via HTTPS loads resources over HTTP
Closed, ResolvedPublic
Actions

Description

When I visit https://wikimedia.de/wiki/Hauptseite, there are a few resources coming in via HTTP, causing my Web browser to throw warnings.

<img alt="" src="http://upload.wikimedia.org/wikipedia/commons/thumb/6/66/Wikidata-logo-en.svg/170px-Wikidata-logo-en.svg.png" width="170" height="120" />

<img alt="Wikipedianer auf Exkursion im Kirchenarchiv Kaufbeuren. Foto: Benutzerin:Elya, CC-BY-SA 3.0" src="http://upload.wikimedia.org/wikipedia/commons/thumb/0/09/GLAM-Aktivisten_im_Kirchenarchiv_Kaufbeuren_04.JPG/170px-GLAM-Aktivisten_im_Kirchenarchiv_Kaufbeuren_04.JPG" width="170" height="128" />

<img alt="Logo von Wikivoyage" src="http://upload.wikimedia.org/wikipedia/commons/thumb/1/1b/Wikivoyage-logo-en-TTO-attempt.svg/170px-Wikivoyage-logo-en-TTO-attempt.svg.png" width="170" height="180" />

[a bunch of other images ...]

<img src="http://i.creativecommons.org/l/by-sa/3.0/88x31.png" alt="Attribution-Share Alike 3.0 Unported" width="88" height="31" />

<img src="http://secure.wikimedia.de/piwik/piwik.php?idsite=2" style="border:0" alt=""/>

This is probably the not the best place to report this issue, but I couldn't find a better place and I figured some of the German Wikimedians can be copied on this bug report and can forward this issue as necessary and appropriate.

Version: 1.20.x
Severity: normal

Details

Reference
bz47653

Related Objects

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 1:37 AM
bzimport added projects: MW-1.21.0-release, MediaWiki-File-management, Upstream.
bzimport set Reference to bz47653.
bzimport added a subscriber: Unknown Object (MLST).
MZMcBride created this task.Apr 25 2013, 4:15 PM
Reedy added a comment.Apr 26 2013, 1:12 AM

This isn't the right place for this. WMF doesn't host the wikimedia.de wiki.

I note Daniel is CC'd on this bug

daniel added a comment.Apr 26 2013, 9:40 AM

I have passed on responsibility for this a while ago, but i'll try to poke the relevant people, and help them fix it (I'm pretty sure this was my mistake).

Adding Silke Meyer (who is technically responsible) and Kai Nissen (who has been managing the site).

@sam: WMDE doesn't have a bug tracker for stuff like this, perhaps we could just get a product here?

I'll re-open the bug with the new assignee; if you feel it's really in the way here, close it again. We'll figure out another solution, then.

Aklapper added a comment.Apr 26 2013, 11:30 AM

p858snake: What is "upstream" here???

(In reply to comment #2)

@sam: WMDE doesn't have a bug tracker for stuff like this, perhaps we could
just get a product here?

Please file a separate ticket to discuss this.

kai.nissen added a comment.Apr 26 2013, 8:31 PM

The protocol type that has been used to get the file info from commons.wikimedia.org gets cached by the parser cache. This will happen vice versa, if the parser caches when requesting with https.

I customized the ForeignAPIRepo for commons to always use the secure protocol when requesting the commons API, but changing ForeignAPIRepo::getThumbUrl() to strip the protocol and make the src attribute protocol-relative seems to be the solution here.

I will provide a patch this weekend.

@MZMcBride: The other images that are not provided by commons were also changed to protocol-relative.

gerritbot added a comment.Apr 29 2013, 3:58 PM

Related URL: https://gerrit.wikimedia.org/r/61390 (Gerrit Change Id40186d10019a77f8b827a6a67982d40f3e97f11)

Aklapper added a comment.May 13 2013, 1:38 PM

Patch needs rework.

Nemo_bis added a comment.May 25 2013, 10:56 AM

(In reply to comment #6)

Patch needs rework.

More than that, Anomie said "Your analysis of the problem in the commit summary is not correct". This bug is indeed misleading and is a duplicate of something the reporter already reported previously and that I had already clarified as bug 48133.

  • This bug has been marked as a duplicate of bug 48133 ***
gerritbot added a comment.Apr 5 2014, 6:44 PM

Change 61390 abandoned by Siebrand:
(bug 47653) Processing foreign API files protocol-relative

Reason:
I'm abandoning this patch set as it's been open for a long time without any outlook at the open issues being resolved.

If the submitter or anyone else would like to work on it again, this patch set can be re-activated by clicking "Restore Change". Please only do this if you are actually going to work on it immediately.

https://gerrit.wikimedia.org/r/61390

Gilles added a project: Multimedia.Dec 4 2014, 10:20 AM
Gilles raised the priority of this task from Medium to Unbreak Now!.Dec 4 2014, 10:25 AM
Gilles moved this task from Untriaged to Done on the Multimedia board.
Gilles lowered the priority of this task from Unbreak Now! to Medium.Dec 4 2014, 11:21 AM
Tgr mentioned this in T50133: ForeignAPIRepo wrongly returns non-protocol-relative URLs for original "thumbs".Sep 7 2015, 9:42 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL