This could be an upstream bug, either in HTTPSEverywhere or Flickr API, but I'm not sure.
When making a request for a flickr image such as https://secure.flickr.com/photos/sludgeulper/7447549052/in/photostream/ from UploadWizard while having HTTPSEverywhere active, the API request to secure.flickr.com returns an empty result. When not having the extension active, the result is made to api.flickr.com and works as expected.
Version: unspecified
Severity: normal
A related improvement would be to use the secure API endpoint when the user is using https on the mediawiki site.
(In reply to comment #1)
A related improvement would be to use the secure API endpoint when the user
is using https on the mediawiki site.
Only if it works. ;-)
The bug that we decided this duplicated seemed similar at the time, but it is actually very different.
I think that this is problem in the UploadWizard javascript triggered by HTTPSEverywhere plugin. https://api.flickr.com redirects to https://secure.flickr.com which causes the XHR request to hang/fail. This fix for this may be as easy as changing 'flickrApiUrl' in UploadWizard.config.php from '//api.flickr.com/services/rest/?' to ''https://secure.flickr.com/services/rest/?' making the request SSL/TLS protected for all users.
Can't reproduce this. It seems Flickr changed how they handle HTTPS and there is no redirect now.