Heads Up - Gadgets and user defined js may need updating for HTTPS tomorrow

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Heads Up - Gadgets and user defined js may need updating for HTTPS tomorrow

Greg Grossmeier-2
As brought to my attention by Max, through a post on his talk page:

== The problem ==

Basically, some user defined JS out there has "http://" hard coded, and
when you request insecure (non-https) resources during a secure session
you get errors in many modern browsers.

This is a heads up that this user created code might need some special
attention before and after the switch over.

== How to fix ==

The best option is to use "protocol relative" urls, these are urls that
start with "//someurl" instead of "http://" or "https://" or "gopher://"

Here's a blog post about when we started using protocol relative urls in
MediaWiki and at WMF:

I've put up basic instructions on the HTTPS page on metawiki:

Thanks for getting this out to the appropriate channels!


cc'ing [hidden email] because there might be some
overlap of affected people on that list.

| Greg Grossmeier            GPG: B2FA 27B1 F7EB D327 6B8E |
| identi.ca: @greg                A18D 1138 8E47 FAC8 1C7D |

Wikibots-l mailing list
[hidden email]

signature.asc (853 bytes) Download Attachment