Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace leftover joomla.org (and subdomains) HTTP links for HTTPS links (where possible) #8791

Closed
wants to merge 12 commits into from
Closed

Replace leftover joomla.org (and subdomains) HTTP links for HTTPS links (where possible) #8791

wants to merge 12 commits into from

Conversation

andrepereiradasilva
Copy link
Contributor

Description

An year after #5478, this PR is for normalize the joomla.org URI in Joomla code to use HTTPS.

In this PR all joomla.org domains (and subdomains) in joomla code were checked, and then checked if those serve in HTTP, HTTP and HTTPS or exclusively HTTPS (HTTP redirect to HTTPS).

For the ones that the change seems possible without issues (certificate errors, protocols errors, redirects to HTTP, mixed content, etc) the change is done in this PR.

Please note this is not a blind search -> replace.

List of joomla.org domains (found in code and completly https with this PR)
Domain Protocols Observations All URI in HTTPS?
joomla.org HTTP and HTTPS Forces HTTPS. Redirect to www.joomla.org ✅ (after this PR)
www.joomla.org HTTP and HTTPS Forces HTTPS ✅ (after this PR)
docs.joomla.org HTTP and HTTPS Forces HTTPS ✅ (after this PR)
developer.joomla.org HTTP and HTTPS Forces HTTPS ✅ (after this PR)
volunteers.joomla.org HTTP and HTTPS Forces HTTPS ✅ (after this PR)
events.joomla.org HTTP and HTTPS Forces HTTPS ✅ (after this PR)
issues.joomla.org HTTP and HTTPS Forces HTTPS ✅ (after this PR)
api.joomla.org HTTP and HTTPS Forces HTTPS
demo.joomla.org HTTP and HTTPS Forces HTTPS
contribute.joomla.org HTTP and HTTPS Forces HTTPS. Redirect to opensourcematters.org ✅ (after this PR)
help.joomla.org HTTP and HTTPS Forces HTTPS in both (/ and /proxy/) ✅ (after this PR)
cdn.joomla.org HTTP and HTTPS - ✅ (after this PR)
List of joomla.org domains (found in code but will have to wait for a future PR)
Domain Protocols Observations All URI in HTTPS?
update.joomla.org HTTP and HTTPS - PR related to this: #8645
shop.joomla.org HTTP and HTTPS HTTPS has Mixed content. PR related to this: #8653
community.joomla.org HTTP and HTTPS HTTPS has Mixed content. Site not ready yet.
resources.joomla.org HTTP and HTTPS HTTPS has Mixed content. Site not ready yet.
extensions.joomla.org HTTP and HTTPS HTTPS redirect to HTTP Site not ready yet.
forum.joomla.org HTTP and HTTPS HTTPS has protocol error. Site not ready yet.
opensourcematters.org HTTP - Site not ready yet.
feeds.joomla.org HTTP Feedburner Not ready yet.
build.joomla.org HTTP and HTTPS Jenkings. Certificate error Not ready yet.
joom.la HTTP and HTTPS Certificate error Not ready yet.
Other domain in code

There are other domains used only for Unit tests to simulate errors but doesn't really exist or are only used in unit tests, so those were not changed:

  • base.joomla.org
  • test.joomla.org
  • xommunity.joomla.org

How to test

Check the "Files changed" in this PR and verify the changes.

More info

For checking the domains that exist in Joomla code it was used several egrep linux commands:

  • egrep -R 'joomla\.org' /path/to/joomla/
  • egrep -R 'http:(//|\\/\\/|\\\\/\\\\/)subdomain\.joomla\.org' /path/to/joomla/
  • egrep -R 'https:(//|\\/\\/|\\\\/\\\\/)subdomain\.joomla\.org' /path/to/joomla/
  • and other combinations

See joomla/joomla-websites#20 for a list of Joomla domains and the HTTP to HTTPS site conversion process.

Suggestions or corrections are welcome.

@andrepereiradasilva andrepereiradasilva mentioned this pull request Dec 26, 2015
Closed
@wojsmol
Copy link
Contributor

wojsmol commented Dec 26, 2015

@andrepereiradasilva regarding cdn see first post of joomla/joomla-websites#20

@mbabker
Copy link
Contributor

mbabker commented Dec 26, 2015

For help.joomla.org the help screen proxy (/proxy on that subdomain)
already defaults to HTTPS and the rest of the site is effectively offline
but the htaccess should be forcing HTTPS on the landing page last I
remember. So that's fine to change any leftover links. Though those links
should probably change to something suitable in the docs wiki.

On Saturday, December 26, 2015, andrepereiradasilva <
notifications@github.com> wrote:

Description

An year after #5478 #5478,
this PR is for normalize the joomla.org URI in Joomla code to use https.

In this PR all joomla.org domains (and subdomains) in joomla code were
checked, and then checked if those serve in HTTP, HTTP and HTTPD or
exclusively HTTPS (HTTP redirect to HTTPS).

For the ones that the change seems possible without issues (certificate
errors, protocols errors, redirects to HTTP, mixed content, etc) the change
is done in this PR.

Please note this is not a blind search -> replace.
List of joomla.org domains Domain Protocols Observations All URI in HTTPS?
joomla.org HTTP and HTTPS Both redirect to www.joomla.org [image:
✅](after this PR) www.joomla.org HTTP and HTTPS HTTP
redirect to HTTPS [image: ✅](after this PR)
docs.joomla.org HTTP and HTTPS HTTP redirect to HTTPS [image:
✅](after this PR) developer.joomla.org HTTP and HTTPS HTTP
redirect to HTTPS [image: ✅](after this PR)
volunteers.joomla.org HTTP and HTTPS HTTP redirect to HTTPS [image:
✅](after this PR) issues.joomla.org HTTP and HTTPS HTTP
redirect to HTTPS [image: ✅](after this PR)
api.joomla.org HTTP and HTTPS HTTP redirect to HTTPS [image:
✅] demo.joomla.org HTTP and HTTPS HTTP redirect to HTTPS [image:
✅] contribute.joomla.org HTTP and HTTPS Both redirect to
opensourcematters.org [image: ✅](after this PR)
update.joomla.org HTTP and HTTPS - PR related to this: #8645
#8645 help.joomla.org HTTP and
HTTPS - Code not ready yet? Same as above? shop.joomla.org HTTP and HTTPS HTTPS
has Mixed content. PR related to this: #8653
#8653 community.joomla.org HTTP
and HTTPS HTTPS has Mixed content. Site not ready yet.
resources.joomla.org HTTP and HTTPS HTTPS has Mixed content. Site not
ready yet. extensions.joomla.org HTTP and HTTPS HTTPS redirect to HTTP Site
not ready yet. forum.joomla.org HTTP and HTTPS HTTPS has protocol error. Site
not ready yet. feeds.joomla.org HTTP Feedburner Not ready yet.
build.joomla.org HTTP and HTTPS Jenkings. Certificate error Not ready yet. Other
domain in code

There are other domains used only for Unit tests to simulate errors but
doesn't really exist or are only used in unit tests, so those were not
changed:

  • cdn.joomla.org
  • base.joomla.org
  • test.joomla.org
  • xommunity.joomla.org

How to test

Check the "Files changed" in this PR and verify the changes.
More info

For checking the domains that exist in Joomla code it was used several
egrep linux commands:

  • egrep -R 'joomla.org' /path/to/joomla/
  • egrep -R 'http:(//|//)subdomain.joomla.org' /path/to/joomla/
  • egrep -R 'https:(//|//)subdomain.joomla.org' /path/to/joomla/
  • and other combinations

Suggestions or corrections are welcome.

You can view, comment on, or merge this pull request online at:

#8791
Commit Summary

  • Merge remote-tracking branch 'refs/remotes/joomla/staging' into
    staging
  • Merge remote-tracking branch 'refs/remotes/joomla/staging' into
    staging
  • Merge remote-tracking branch 'refs/remotes/joomla/staging' into
    staging
  • Merge branch 'staging' of
    https://github.com/andrepereiradasilva/joomla-cms into staging
  • Merge remote-tracking branch 'refs/remotes/joomla/staging' into
    more-https-links
  • From http to https

File Changes

Patch Links:


Reply to this email directly or view it on GitHub
#8791.

@andrepereiradasilva andrepereiradasilva changed the title Replace joomla.org (and subdomains) HTTP links for HTTPS links (where possible) Replace leftover joomla.org (and subdomains) HTTP links for HTTPS links (where possible) Dec 26, 2015
@andrepereiradasilva
Copy link
Contributor Author

@mbabker
The ones that are left from help.joomla.org domain in joomla code are:

I think those can also be changed to HTTPS without issues. Do you agree?

@mbabker
Copy link
Contributor

mbabker commented Dec 26, 2015

Yes those can change.

On Saturday, December 26, 2015, andrepereiradasilva <
notifications@github.com> wrote:

@mbabker https://github.com/mbabker
The ones that are left from help.joomla.org domain in joomla code are:

https://github.com/joomla/joomla-cms/blob/staging/libraries/cms/help/help.php#L187

https://github.com/joomla/joomla-cms/blob/staging/administrator/components/com_config/controller/application/refreshhelp.php#L41

https://github.com/joomla/joomla-cms/blob/staging/tests/unit/suites/libraries/cms/help/JHelpTest.php#L118

I think those can also be changed to HTTPS without issues. Do you agree?


Reply to this email directly or view it on GitHub
#8791 (comment).

mbabker
mbabker reviewed Dec 26, 2015
View reviewed changes
tests/system/webdriver/Pages/System/AdminPage.php
@@ -140,8 +140,8 @@
'Joomla Translations' => 'http://community.joomla.org/translations.html',
'Joomla Resources' => 'http://resources.joomla.org/',
'Community Portal' => 'http://community.joomla.org/',
'Security Center' => 'http://developer.joomla.org/security.html',
'Developer Resources' => 'http://developer.joomla.org/',
'Security Center' => 'https://developer.joomla.org/security.html',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should actually be Security Centre and linking to https://developer.joomla.org/security-centre.html. Not 100% related to this PR but this particular test has been failing for some time if it's comparing links and text.

@mbabker
Copy link
Contributor

mbabker commented Dec 26, 2015

As for the test case involving cdn.joomla.org it's validating a behavior in that class' API and not reliant on a "real" page. You can try changing it to HTTPS but I think the protocol is dependent on the injected config values in that test case IIRC so it might end up failing without additional changes.

@andrepereiradasilva
Copy link
Contributor Author

@mbabker thanks for your comments

Made the two changes and travis accepted them without problems.

We also have the joom.la domain (only in https://github.com/joomla/joomla-cms/blob/staging/tests/unit/suites/libraries/joomla/application/JApplicationWebTest.php) that i think is some kind of URI shortener service, right?

By the way, the certificate is incorrect in that domain.

@infograf768
Copy link
Member

Looking at this patch and specially the tests/unit/stubs/database/...
I found 27 occurences of these unknown characters

�*�

@mbabker
Copy link
Contributor

mbabker commented Dec 27, 2015

It's some kind of quirk unrelated to this patch (it's actually a \u0 character according to Chrome). This screenshot is me putting an echo serialize($item);die; line in before rows are written to the table where those characters are being found.

screen shot 2015-12-27 at 11 15 35 am

@mbabker
Copy link
Contributor

mbabker commented Dec 27, 2015

It's PHP's behavior actually... http://php.net/manual/en/function.serialize.php

Object's private members have the class name prepended to the member name; protected members have a '*' prepended to the member name. These prepended values have null bytes on either side.

@infograf768
Copy link
Member

Thanks Michael.

@andrepereiradasilva
Copy link
Contributor Author

Ok. So all fine.

@brianteeman brianteeman mentioned this pull request Mar 12, 2016
Closed
@andrepereiradasilva
Copy link
Contributor Author

closed as comments above, new PR will be made.

@andrepereiradasilva andrepereiradasilva deleted the more-https-links branch May 4, 2016 16:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Unit/System Tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@andrepereiradasilva @wojsmol @mbabker @infograf768 @joomla-cms-bot