Last modified: 2011-12-20 15:41:24 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T35269, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 33269 - protocol relative urls do not have "secure" pad-lock icon when browsing from https and are thus secure links
protocol relative urls do not have "secure" pad-lock icon when browsing from ...
Status: RESOLVED DUPLICATE of bug 30682
Product: MediaWiki
Classification: Unclassified
General/Unknown (Other open bugs)
1.18.x
PC Windows 7
: Unprioritized minor (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks: 20342
  Show dependency treegraph
 
Reported: 2011-12-20 10:07 UTC by it_is_me_here
Modified: 2011-12-20 15:41 UTC (History)
2 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description it_is_me_here 2011-12-20 10:07:48 UTC 
On the English Wikipedia, at least, if you type something like "[//en.wikipedia.org/w/index.php?title=Main_Page&oldid=464887589]" and are yourself browsing the site through https://en.wikipedia.org, then the external link will show up with a normal EL symbol (a square with an arrow leaving it), rather than with an HTTPS EL symbol (a padlock), even though the link will direct you to an HTTPS URL.
Comment 1 Bawolff (Brian Wolff) 2011-12-20 10:21:56 UTC 
Hmmm.

Those padlock icons are done through css like a.external[href^="https://"] which won't trigger for protocol relative.


Not sure if its possible to serve some css only to secure folks with a a.external[href^="//"] type rule. It seems like that would conflict with the whole one version of things regardless of protocol.
Comment 2 Roan Kattouw 2011-12-20 15:40:19 UTC 
(In reply to comment #1)
> Hmmm.
> 
> Those padlock icons are done through css like a.external[href^="https://"]
> which won't trigger for protocol relative.
> 
> 
> Not sure if its possible to serve some css only to secure folks with a
> a.external[href^="//"] type rule. It seems like that would conflict with the
> whole one version of things regardless of protocol.
I don't believe this is possible, no. This is a duplicate of another bug but I can't find it offhand.
Comment 3 Roan Kattouw 2011-12-20 15:41:24 UTC 

*** This bug has been marked as a duplicate of bug 30682 ***
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links