Mailinglist Archive: opensuse-web (64 mails)

< Previous Next >
Re: [opensuse-web] Please update wiki staging server
Hello,

Am Dienstag, 21. August 2012 schrieb Matthew Ehle:
Christian Boltz <opensuse@xxxxxxxxx> 8/21/2012 12:08 PM >>>
Matthew, can you please check the update on stage again?

Special:Version still doesn't list the ReplaceText extension, and the
print.css also doesn't seem to be included. (In other words: it
looks like you didn't deploy the latest code from the 1.19 git
branch.)

My mistake. I didn't realize the new installation was put on
different branch.

;-)

I just now pulled the changes from there. I get a
database error... was there some SQL that needed to be run with
that?

Did you run maintenance/update.php ?

Besides that, the test account opensuse_stage:opensuse_stage (created
by Thomas) doesn't seem to work -

It seems to work fine on the openSUSE staging blogs and on staging
Novell.

Indeed - I can login on https://loginstage.provo.novell.com/ with this
account.

Because of the broken database query, I can't try it out on
the wikis at the moment. I'll make sure to check as soon as it's
fixed. My guess right now would be that the login extension is
broken with the new version.

I'm not even sure if logging in on enstage worked with the old
version...

Are you seriously telling us that the load balancer makes the wiki
slower? ;-)

Not in general, but it looks like it can drop requests sometimes.
We're still trying to track it down exactly, but that's the most
likely candidate right now.

Sounds interesting[tm] ;-)

IIRC most of the wiki runs over http, not https - therefore I doubt
SSL negotiation speed is a real problem ;-)

It's about half and half right now. For whatever reason, most of the
static content is hardcoded to be pulled from a secure connection.

Maybe the author of the Bento theme wasn't aware of protocol-relative
URLs? Changing "https://static.opensuse.org/..."; to
"//static/opensuse.org/..." shouldn't cause any problems.

In fact, I would propose that we go ahead and turn of SSL for the
rest of the wiki. As it stands, people logged into the forums,
wikis, and blogs are vulnerable to session hijacking, which is only
really fixable by encrypting the entire session. SSL is much less of
a performance problem than it used to be, and using things like SPDY
and false start make it completely negligible.

There's nothing wrong with SSL for logged in users, OTOH it's
superfluous for other visitors.


Regards,

Christian Boltz
--
Das soll jetzt wirklich keine Arroganz sein, aber es macht keinen Sinn,
das Haus abzureissen, weil du den Hausschl├╝ssel vergessen hast. :-)
[Ratti in suse-linux]

--
To unsubscribe, e-mail: opensuse-web+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-web+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups