Page MenuHomePhabricator

Special:BannerRandom attempts to load insecure content for mobile domains on HTTPS
Closed, ResolvedPublic

Description

To replicate, go to https://m.mediawiki.org - with console open, you should see an error like:

[blocked] The page at https://m.mediawiki.org/wiki/MediaWiki ran insecure content from http://meta.m.wikimedia.org/wiki/Special:BannerRandom?uselang=en&sitename=M…roject=wikimedia&anonymous=false&bucket=1&country=US&device=android&slot=6.

I presume this makes it impossible to run CN banners on mobile devices for logged in users.

I chatted briefly with Matt Walker about this and it sounds like this is the result of how infrastructure is currently architected, though there may be an easy solution of forcing mobile URLs in CentralNotice using MobileContext::getMobileUrl() from MobileFrontend.


Version: master
Severity: normal

Details

Reference
bz55860

Event Timeline

bzimport raised the priority of this task from to High.Nov 22 2014, 2:14 AM
bzimport set Reference to bz55860.

Change 90639 had a related patch set uploaded by Mwalker:
Serve Mobile URLs to Mobile Users

https://gerrit.wikimedia.org/r/90639

Change 90639 merged by Adamw:
Serve Mobile URLs to Mobile Users

https://gerrit.wikimedia.org/r/90639

Looks like the patch was merged and I'm no longer seeing the issue on m.mediawiki.org. Can this bug be closed?

mwalker wrote:

eh... not really; the patch didn't work. So! New patch!

mwalker wrote:

*** Bug 56393 has been marked as a duplicate of this bug. ***

Change 92806 had a related patch set uploaded by Mwalker:
Serve Mobile URLs to Mobile Users

https://gerrit.wikimedia.org/r/92806

Change 92806 merged by jenkins-bot:
Serve Mobile URLs to Mobile Users

https://gerrit.wikimedia.org/r/92806

mwalker:
Patch was merged a while ago - is there more work left to do here (if yes: please reset the bug report status to NEW or ASSIGNED), or can you close this ticket as RESOLVED FIXED?

No reply to comment 8 - assuming this bug is FIXED.
If that is not the case: Please reopen and elaborate what is left to do here to get this report fixed.