Last modified: 2011-01-27 03:24:50 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T14884, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 12884 - Login and account creation should be by secure http.
Login and account creation should be by secure http.
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
unspecified
All All
: Normal enhancement with 4 votes (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on: 9816
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-02 21:22 UTC by John G. Hissong
Modified: 2011-01-27 03:24 UTC (History)
10 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description John G. Hissong 2008-02-02 21:22:12 UTC
When I login or, even worse, when I create an account, I do so in an unsecure environment. There's no automatic encryption; the site reads "http" not "https". It's all well and good to urge people to make a secure password, but I, for one, am unwilling to trust a secure password to vagaries of an unencrypted web.
Comment 1 Roan Kattouw 2008-02-02 22:26:50 UTC
Isn't there an address where you could log in to Wikipedia through HTTPS? INVALID?
Comment 2 Huji 2008-02-03 09:24:33 UTC
Yeah, I think DefaultSettings.php checks if HTTPS is available to be used for such actions. If it is not available, it will fallback to HTTP.
Comment 3 John G. Hissong 2008-02-03 16:34:30 UTC
(In reply to comment #0)
> When I login or, even worse, when I create an account, I do so in an unsecure
> environment. There's no automatic encryption; the site reads "http" not
> "https". It's all well and good to urge people to make a secure password, but
> I, for one, am unwilling to trust a secure password to vagaries of an
> unencrypted web.
> 

(In reply to comment #2)
> Yeah, I think DefaultSettings.php checks if HTTPS is available to be used for
> such actions. If it is not available, it will fallback to HTTP.
> 
This didn't work for me.  My browser (Safari) fully supports https.
Comment 4 Robert Leverington 2008-02-03 21:04:47 UTC
(In reply to comment #3)
> (In reply to comment #2)
> > Yeah, I think DefaultSettings.php checks if HTTPS is available to be used for
> > such actions. If it is not available, it will fallback to HTTP.
> > 
> This didn't work for me.  My browser (Safari) fully supports https.
> 

I believe the comment #2 is refering to server side availability of HTTPS , as opposed to client side. Not all servers have it installed as there are potential patent issues and it is difficult to configure (plus getting an SSL key with one of the main providers often costs a hefty ammount of money).
Comment 5 Christian Neubauer 2008-02-04 14:51:36 UTC
(In reply to comment #2)
> Yeah, I think DefaultSettings.php checks if HTTPS is available to be used for
> such actions. If it is not available, it will fallback to HTTP.
> 

According to http://us.php.net/reserved.variables:

'HTTPS'
    Set to a non-empty value if the script was queried through the HTTPS protocol.


So $_SERVER['HTTPS'] is only set if the user specifically types in https://...  Default settings checks if the browser requested https, not if the server is capable of https.
Comment 6 Huji 2008-02-04 17:35:05 UTC
>> So $_SERVER['HTTPS'] is only set if the user specifically types in https://
Or, if the software uses a https:// link or form action! I rechecked and to my enthusiasm, it appears that MediaWiki (even its Wikimedia installation) is "not" using an HTTPS address for the action of loing/registration forms. I guess it would be a good idea to add another global setting variable in LocalSettings.php so people who do have HTTPS server up and running can force MediaWiki to use it for logins.
Comment 7 OverlordQ 2008-02-04 17:44:01 UTC
1) Browse to https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page
2) Click Login/Register
3) Profit?

Comment 8 Christian Neubauer 2008-02-04 17:59:10 UTC
Even if the login/registration page were set up to use SSL you would still be vulnerable to sidejacking (http://arstechnica.com/news.ars/post/20080201-report-google-mail-vulnerable-to-sidejacking-despite-ssl.html).  You probably have to force the whole site into SSL, which you can do by manually setting $wgServer in LocalSettings.  For a WikiMedia wiki, yeah you can use the link in comment #7.
Comment 9 Antoine "hashar" Musso (WMF) 2010-10-28 07:10:55 UTC
See r75585
Comment 10 MZMcBride 2011-01-26 08:31:05 UTC
Is this request for the functionality (which was introduced by hashar in r75585) or for an implementation on Wikimedia wikis? If it's the former, this bug is resolved. If it's the latter, this bug probably needs to be split (or at least have a clarified bug summary / component).
Comment 11 MZMcBride 2011-01-26 08:34:05 UTC
This bug is also possibly a duplicate of bug 225.
Comment 12 Antoine "hashar" Musso (WMF) 2011-01-26 19:21:07 UTC
Issues are already split:

bug 12884 (this one) is for the MediaWiki product. The code I wrote is pending revision and might or might not be included in 1.17. Nonetheless, I think it should be closed as FIXED.

bug 225 is an operation on WMF cluster.

Support for an alternate URL schema is a different matter, might need a new enhancement bug.

Marking fixed.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links