Last modified: 2013-07-25 07:03:58 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T42789, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 40789 - $wgSecureLogin is broken
$wgSecureLogin is broken
Status: VERIFIED FIXED
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
1.20.x
All All
: High major (vote)
: 1.20.0 release
Assigned To: Tyler Romeo
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-10-05 07:18 UTC by Niklas Laxström
Modified: 2013-07-25 07:03 UTC (History)
9 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Niklas Laxström 2012-10-05 07:18:11 UTC 
Redirect loops just like described in https://gerrit.wikimedia.org/r/#/c/25530/1/includes/specials/SpecialUserlogin.php
Comment 1 Niklas Laxström 2012-10-07 06:23:51 UTC 
Seems to be related to this: all our users now get forcefully redirected to https *after* logging even when $wgSecureLogin is false.
Comment 2 Tyler Romeo 2012-10-07 14:15:22 UTC 
That's a pretty big oversight on my part. My apologies. This entire week I feel like I've been getting stupider. Standby for patch.
Comment 3 Tyler Romeo 2012-10-07 14:18:56 UTC 
https://gerrit.wikimedia.org/r/27044
Comment 4 Chris Steipp 2012-10-09 19:47:25 UTC 
Tyler's fix is merged, and will go out with 1.21wmf2. Is this breaking anything to the point that we need to do a live fix on the cluster?
Comment 5 Tyler Romeo 2012-10-09 19:51:01 UTC 
Yes. The problem occurs when $wgSecureLogin is set to false, in which case users are redirected to HTTPS incorrectly.
Comment 6 Nemo 2012-10-11 19:46:56 UTC 
Verified on http://sandbox.translatewiki.net/ (updated sandbox.translatewiki.net to be7d611 2012-10-11 08:51:13 +0000).
Comment 7 Bartosz Dziewoński 2012-10-12 19:03:06 UTC 
Is this going to be backported and deployed before 1.21wmf2?
Comment 8 Oliver Keyes 2012-10-14 03:17:34 UTC 
It'd be great if it could be, quite frankly. Some of the bots Wikipedia uses for site maintenance are reliant on this working. The central help forum for en-wiki hasn't been able to archive itself since the bug.
Comment 9 Nemo 2012-10-14 07:21:14 UTC 
(In reply to comment #8)
> It'd be great if it could be, quite frankly. Some of the bots Wikipedia uses
> for site maintenance are reliant on this working. The central help forum for
> en-wiki hasn't been able to archive itself since the bug.

So is this in 1.20.0 or not?
Comment 10 Oliver Keyes 2012-10-14 07:47:07 UTC 
Above, Chris says it'll be in 1.21wmf2. I think that's a no.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links