HTTPS link to root page redirects to HTTP?

rainwarrior
Posts: 7818
Joined: Sun Jan 22, 2012 12:03 pm
Location: Canada
Post by rainwarrior » Thu Nov 23, 2017 3:40 pm

HTTPS links to the root page of the wiki get redirected to an HTTP page, losing security:
https://wiki.nesdev.com

A direct link to any article, however, takes me to an HTTPS page as expected:
https://wiki.nesdev.com/w/index.php/Nesdev

I presume that whatever's at the root page contains a hardcoded redirect to http://wiki.nesdev.com/w/index.php/Nesdev_Wiki rather than something that preserves the security protocol?

unregistered
Posts: 1071
Joined: Thu Apr 23, 2009 11:21 pm
Location: cypress, texas

Re: HTTPS link to root page redirects to HTTP?

Post by unregistered » Wed Mar 20, 2019 9:04 pm

It seems to be still redirecting to http.

Maybe this page could provide the needed addition to the .htaccess file used for wiki.nesdev.com. It seems to me, after reading arkascha's reply, that replacing the http://, in wiki.nesdev.com's .htaccess's RewriteRule line, with %{REQUEST_SCHEME}:// would allow https://wiki.nesdev.com to redirect to https://wiki.nesdev.com/w/index.php/Nesdev_Wiki bc REQUEST_SCHEME must be the server's variable that holds the user-entered http or https.

Am definitely not an .htaccess champion, but this seems like it is worth trying to me. :)

p.s. maybe a redirect to ftp://wiki.nesdev.com/w/index.php/Nesdev_Wiki from ftp://wiki.nesdev.com would be kind of weird, but, if you want to, I'm sure those types of REQUEST_SCHEME can be prevented. :)

koitsu
Posts: 4217
Joined: Sun Sep 19, 2004 9:28 pm
Location: A world gone mad

Re: HTTPS link to root page redirects to HTTP?

Post by koitsu » Thu Mar 21, 2019 1:48 am

@rainwarrior Your theory is pretty much correct. I don't maintain the site any longer, but when I did, pretty sure that was the exact situation. It's just a configuration redirect that needs to be modified to retain the URI scheme (see below).

To be clear, the way the redirections work is as follows -- there are actually two redirects involved, but it happens fairly quickly so you don't notice it:

http://wiki.nesdev.com/ --> HTTP 302 --> http://wiki.nesdev.com/w/ --> HTTP 302 --> https://wiki.nesdev.com/w/index.php/Nesdev_Wiki
https://wiki.nesdev.com/ --> HTTP 302 --> http://wiki.nesdev.com/w/ --> same as above

The stuff under /w/ is all MediaWiki; that's just how the site was set up long ago.

@unregistered -- As for .htaccess -- I do not know if the server running the site and wiki still uses Apache. It did when I helped maintain it and had shell access, but BootGod revamped things heavily (there's now an intermediary proxy running nginx that inserts ads and other stuff), so I dunno if Apache is still involved or if he switched the back-end to nginx+php-fpm. If it's using nginx+php-fpm: nginx does not have .htaccess support, and such redirections have to be done in the nginx configuration natively by the systems administrator. If it is still using Apache, then it's either an httpd.conf redirection, an .htaccess redirection either through one of mod_alias's Redirect* directives or through mod_rewrite's Rewrite* directives (the latter are more CPU intensive and complicated and shouldn't be needed to retain URI scheme), possibly done in PHP, etc... Just too many situations to cover. I can't remember if the site used mod_alias or mod_rewrite directives.

In other words, in Apache-speak, all you really need to do is something like this for the wiki.nesdev.com VirtualHost using mod_alias and the URI scheme gets retained regardless of which you use, since the destination of the redirect isn't a full URI thus "path relative":

Code:

RedirectMatch "^/?$" "/w/"

Most people end up writing awful redirection directives (especially in mod_rewrite) that complicate matters greatly. Less = better. If I still maintained the server/etc. this is literally a 10 second task, heh. :)

unregistered
Posts: 1071
Joined: Thu Apr 23, 2009 11:21 pm
Location: cypress, texas

Re: HTTPS link to root page redirects to HTTP?

Post by unregistered » Thu Mar 21, 2019 8:55 am

koitsu wrote:
> To be clear, the way the redirections work is as follows -- there are actually two redirects involved, but it happens fairly quickly so you don't notice it:
>
> http://wiki.nesdev.com/ --> HTTP 302 --> http://wiki.nesdev.com/w/ --> HTTP 302 --> https://wiki.nesdev.com/w/index.php/Nesdev_Wiki
> https://wiki.nesdev.com/ --> HTTP 302 --> http://wiki.nesdev.com/w/ --> same as above

I bet it was a typo, but http never redirects to https... for me at least :)

koitsu wrote:
> In other words, in Apache-speak, all you really need to do is something like this for the wiki.nesdev.com VirtualHost using mod_alias and the URI scheme gets retained regardless of which you use, since the destination of the redirect isn't a full URI thus "path relative":
>
> Code:
>
> RedirectMatch "^/?$" "/w/"
>
> Most people end up writing awful redirection directives (especially in mod_rewrite) that complicate matters greatly. Less = better. If I still maintained the server/etc. this is literally a 10 second task, heh. :)

Really cool! Thank you for sharing! :D My suggestion was just to change RewriteRule's "http" to "%{REQUEST_SCHEME}", but I had never read about RedirectMatch... you seem like an .htaccess champion, koitsu, and so I hope the nesdev wiki is hosted on an apache server. :)

tepples
Posts: 21985
Joined: Sun Sep 19, 2004 11:12 pm
Location: NE Indiana, USA (NTSC)

Re: HTTPS link to root page redirects to HTTP?

Post by tepples » Thu Mar 21, 2019 9:11 am

The recommended fix is to edit LocalSettings.php to make $wgServer scheme-relative.

Code:

// Replace this
$wgServer = "http://wiki.nesdev.com";
// with this
$wgServer = "//wiki.nesdev.com";
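
Added example, not part of the thread or of the site's configuration: a Python sketch that resolves each Location value against the request URL the way a client does, showing why the path-relative target in koitsu's RedirectMatch and the scheme-relative $wgServer above keep HTTPS while an absolute http:// target does not. The redirect chains are constructed from the hops described in the thread (the scheme-relative second hop is an assumption about what the server would send), and the function names are hypothetical.

```python
from urllib.parse import urljoin, urlsplit

# Constructed redirect chains based on the hops described in the thread.
# Each entry is the Location header value returned for the previous URL.
CURRENT_CHAIN = [
    "http://wiki.nesdev.com/w/",                        # absolute, hardcoded http
    "https://wiki.nesdev.com/w/index.php/Nesdev_Wiki",
]
FIXED_CHAIN = [
    "/w/",                                              # path-relative (RedirectMatch target)
    "//wiki.nesdev.com/w/index.php/Nesdev_Wiki",        # scheme-relative (assumed output)
]


def resolve(request_url, location):
    """Resolve a Location value against the request URL, as a client does."""
    return urljoin(request_url, location)


def audit_chain(start_url, locations):
    """Follow a chain offline; return (final_url, list of https->http hops)."""
    url, downgrades = start_url, []
    for location in locations:
        target = resolve(url, location)
        # A hop is a downgrade when an https request is sent on to plain http.
        if urlsplit(url).scheme == "https" and urlsplit(target).scheme == "http":
            downgrades.append((url, target))
        url = target
    return url, downgrades


if __name__ == "__main__":
    for name, chain in (("current", CURRENT_CHAIN), ("fixed", FIXED_CHAIN)):
        final, bad = audit_chain("https://wiki.nesdev.com/", chain)
        print(name, "final:", final, "plaintext hops:", bad)
```

Checking only the final URL would miss the plaintext hop in the first chain, which is why the audit records every hop. Relative targets keep whatever scheme the request used, so an http:// request stays on http:// unless a separate redirect upgrades it.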

unregistered
Posts: 1071
Joined: Thu Apr 23, 2009 11:21 pm
Location: cypress, texas

Re: HTTPS link to root page redirects to HTTP?

Post by unregistered » Thu Mar 21, 2019 9:29 am

tepples wrote:
> The recommended fix is to edit LocalSettings.php to make $wgServer scheme-relative.
>
> Code:
>
> // Replace this
> $wgServer = "http://wiki.nesdev.com";
> // with this
> $wgServer = "//wiki.nesdev.com";

WOW, that's a great very specific fix... even 5 less characters! Extremely impressive tepples! :D

"scheme-relative" is so cool! :D
