You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@openoffice.apache.org by janI <ja...@apache.org> on 2013/10/26 22:54:59 UTC
call for help to test AOO www and AOO wiki (certificates for *.o.o)
Hi.
www.openoffice.org now accept both http: and https: as announced earlier.
We have however seen that e.g. product.css contain image tag with http://xxx.
All references must be relative (without http: and https:). I hope the web
admins can do make the needed changes.
https://wiki.openoffice.org is also created and ready for test, BUT it is
not enforced. We have seen the same issues here. Mixing http/https. Please
test https://wiki.openoffice.org and report the problems. Some of the tags
will be within the pages, and need to be changed in the wiki itself, others
like .css must be changed by a sysadmin.
@admins, FYI I have changed Localsettings.php to allow https, and it is
committed with R884253, no other changes were made to mwiki. You will find
code in there, look at the commit comment for an explanation.
The intention is to enforce https: on wiki next weekend, unless someone
object a lot.
We are planning a similar test with forum, but that will not be initiated
before next weekend.
A big thank to mark for helping making this happen so fast.
on behalf of infra
jan I
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by janI <ja...@apache.org>.
On 26 October 2013 23:45, Ariel Constenla-Haile <ar...@apache.org> wrote:
> On Sat, Oct 26, 2013 at 11:26:21PM +0200, janI wrote:
> > > There are 26,349 matches of "http://www.openoffice.org/" in
> > > ooo-site.
> > >
> >
> > I am glad you did not count "http://" :-)
> >
> > Please remember that a large part is in the templates, so change once
> > and rebuild site.
>
> No, it's a grep in the site source, ooo-site/content, it's not generated
> html files. A wider search should include links to localized sites, like
> es.openoffice.org, so that something like
>
> http://[a-zA-Z0-9]*.openoffice.org/
>
> gives 74,979 matches (but they include for sure sites like
> http://templates.openoffice.org that cannot be replaced by "/".
>
What I meant was that if you search in svn ooo-site/trunk/content, then it
is full html
see e.g.
https://svn.apache.org/repos/asf/openoffice/ooo-site/trunk/content/contributing/index.html
at least I cannot see the difference. I have also been told earlier that
the full html is stored in svn, and the cms software knows what is template
and what not.
Where should the generated html be in your opinion ? the site-vm seems to
take it directly from svn.
But lets not discuss numbers, I am no expert in this and just want to
understand.
rgds
jan I.
>
>
> Regards
> --
> Ariel Constenla-Haile
> La Plata, Argentina
>
Re: call for help to test AOO www and AOO wiki (certificates for
*.o.o)
Posted by Ariel Constenla-Haile <ar...@apache.org>.
On Sat, Oct 26, 2013 at 11:26:21PM +0200, janI wrote:
> > There are 26,349 matches of "http://www.openoffice.org/" in
> > ooo-site.
> >
>
> I am glad you did not count "http://" :-)
>
> Please remember that a large part is in the templates, so change once
> and rebuild site.
No, it's a grep in the site source, ooo-site/content, it's not generated
html files. A wider search should include links to localized sites, like
es.openoffice.org, so that something like
http://[a-zA-Z0-9]*.openoffice.org/
gives 74,979 matches (but they include for sure sites like
http://templates.openoffice.org that cannot be replaced by "/".
Regards
--
Ariel Constenla-Haile
La Plata, Argentina
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by janI <ja...@apache.org>.
On 26 October 2013 23:05, Ariel Constenla-Haile <ar...@apache.org> wrote:
> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> > Hi.
> >
> > www.openoffice.org now accept both http: and https: as announced
> earlier.
> >
> > We have however seen that e.g. product.css contain image tag with
> http://xxx.
> > All references must be relative (without http: and https:). I hope the
> web
> > admins can do make the needed changes.
>
> There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
>
I am glad you did not count "http://" :-)
Please remember that a large part is in the templates, so change once and
rebuild site. But its still a "nice" search and replace job.
May I politely point out that the only reason for this change, is
infra-6608 where it was directly added to the list of sites that should
have https:
rgds
jan I.
>
>
> Regards
> --
> Ariel Constenla-Haile
> La Plata, Argentina
>
Re: call for help to test AOO www and AOO wiki (certificates for
*.o.o)
Posted by imacat <im...@mail.imacat.idv.tw>.
Dear Jan,
I notice that there are still of our web sites that may need SSL
certificates, that is, extensions.openoffice.org and
templates.openoffice.org. But I have no privilege on these two sites.
Could these two sites be updated to use HTTPS, too? Thanks.
On 2013/11/01 04:44, Kay Schenk said:
> On Wed, Oct 30, 2013 at 5:20 PM, Dave Fisher <da...@comcast.net> wrote:
>
>>
>> On Oct 30, 2013, at 4:51 PM, Dave Fisher wrote:
>>
>>> Hi Joe/JanIV/Mark,
>>>
>>> THANKS!!!! for getting the SSL certificate to work. We really, really
>> needed this for the wiki and forums!
>>>
>>> Given the scope of the conversion of internal relative links. I think it
>> is reasonable to expect that the project will not be in a hurry to start
>> rushing in to convert 100,000 links without a plan.
>>>
>>> Hey AOO Devs:
>>>
>>> I have the experience of touching all of these html files when we ported
>> them. I did do url rewrites and we have scripting to handle these cases!
>>>
>>> See ooo-site/trunk/tools/ -
>> http://svn.apache.org/viewvc/openoffice/ooo-site/trunk/tools/
>>>
>>> Specifically the files urlrewrite.sh and urlrewrite.sed
>>
>> I have accumulated information about remaining links using the form http://
>> *.openoffice.org/ and https://*.openoffice.org/
>>
>> Look for more this week before a sledgehammer change over the weekend.
>>
>> This will be with a new subject.
>>
>> Regards,
>> Dave
>>
>
> OK -- and thanks for taking this on. I had TOTALLY forgotten about "tools".
>
>
>>
>>>
>>> Working locally on a full checkout of ooo-site:
>> http://openoffice.apache.org/website-local.html#how-to-do-website-development-locally-for-technical-users
>>>
>>> (1) urlrewrite.sed needs the additional rules.
>>>
>>> (2) To convert:
>>>
>>> $ cd ooo-site/trunk/tools
>>> $ ./urlrewrite.sh . # there is a dot at the end - please use it.
>>>
>>> (3) Do a local build.
>>>
>>> (4) Commit the massive changes.
>>>
>>> Voila! If the project wants to define the additional url rewrites then I
>> will find cycles this weekend, or I can guide someone else.
>>>
>>> Regards,
>>> Dave
>>>
>>> On Oct 26, 2013, at 6:51 PM, Joseph Schaefer wrote:
>>>
>>>> I don't think there are any plans to change the dual http/https nature
>> of the site, even in the worst case scenario of redirecting everything to
>> https, the old links will still resolve.
>>>>
>>>> Sent from my iPhone
>>>>
>>>>> On Oct 26, 2013, at 9:49 PM, Rob Weir <ro...@apache.org> wrote:
>>>>>
>>>>>> On Sat, Oct 26, 2013 at 9:34 PM, Joseph Schaefer <
>> joe_schaefer@yahoo.com> wrote:
>>>>>> No. Ideally urls local to the site use relative addressing so it
>> will work properly when viewed over http or https. The reason you don't
>> want hard coded http urls on the site is because https browsers will warn
>> the user about fetching insecure resources.
>>>>>
>>>>> OK. So long as external, incoming http:// URL's will still resolve.
>>>>>
>>>>> -Rob
>>>>>
>>>>>> Sent from my iPhone
>>>>>>
>>>>>>> On Oct 26, 2013, at 9:30 PM, Rob Weir <ro...@apache.org> wrote:
>>>>>>>
>>>>>>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
>>>>>>> <ar...@apache.org> wrote:
>>>>>>>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>>>>>>>>> Hi.
>>>>>>>>>
>>>>>>>>> www.openoffice.org now accept both http: and https: as announced
>> earlier.
>>>>>>>>>
>>>>>>>>> We have however seen that e.g. product.css contain image tag with
>> http://xxx.
>>>>>>>>> All references must be relative (without http: and https:). I hope
>> the web
>>>>>>>>> admins can do make the needed changes.
>>>>>>>>
>>>>>>>> There are 26,349 matches of "http://www.openoffice.org/" in
>> ooo-site.
>>>>>>>
>>>>>>> We *are not* going to change to a system that requires that links to
>>>>>>> www.openoffice.org are all https. I hope that is not what is being
>>>>>>> suggested. Remember, we have 10's of thousands of *external* links
>> to
>>>>>>> our website that we do control and cannot change.
>>>>>>>
>>>>>>> Please someone, tell me that this is not what is being suggested
>> here.
>>>>>>>
>>>>>>> -Rob
>>>>>>>
>>>>>>>>
>>>>>>>> Regards
>>>>>>>> --
>>>>>>>> Ariel Constenla-Haile
>>>>>>>> La Plata, Argentina
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>>>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>
>>
>
>
--
Best regards,
imacat ^_*' <im...@mail.imacat.idv.tw>
PGP Key http://www.imacat.idv.tw/me/pgpkey.asc
<<Woman's Voice>> News: http://www.wov.idv.tw/
Tavern IMACAT's http://www.imacat.idv.tw/
Woman in FOSS in Taiwan http://wofoss.blogspot.com/
OpenOffice http://www.openoffice.org/
EducOO/OOo4Kids Taiwan http://www.educoo.tw/
Greenfoot Taiwan http://greenfoot.westart.tw/
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Kay Schenk <ka...@gmail.com>.
On Wed, Oct 30, 2013 at 5:20 PM, Dave Fisher <da...@comcast.net> wrote:
>
> On Oct 30, 2013, at 4:51 PM, Dave Fisher wrote:
>
> > Hi Joe/JanIV/Mark,
> >
> > THANKS!!!! for getting the SSL certificate to work. We really, really
> needed this for the wiki and forums!
> >
> > Given the scope of the conversion of internal relative links. I think it
> is reasonable to expect that the project will not be in a hurry to start
> rushing in to convert 100,000 links without a plan.
> >
> > Hey AOO Devs:
> >
> > I have the experience of touching all of these html files when we ported
> them. I did do url rewrites and we have scripting to handle these cases!
> >
> > See ooo-site/trunk/tools/ -
> http://svn.apache.org/viewvc/openoffice/ooo-site/trunk/tools/
> >
> > Specifically the files urlrewrite.sh and urlrewrite.sed
>
> I have accumulated information about remaining links using the form http://
> *.openoffice.org/ and https://*.openoffice.org/
>
> Look for more this week before a sledgehammer change over the weekend.
>
> This will be with a new subject.
>
> Regards,
> Dave
>
OK -- and thanks for taking this on. I had TOTALLY forgotten about "tools".
>
> >
> > Working locally on a full checkout of ooo-site:
> http://openoffice.apache.org/website-local.html#how-to-do-website-development-locally-for-technical-users
> >
> > (1) urlrewrite.sed needs the additional rules.
> >
> > (2) To convert:
> >
> > $ cd ooo-site/trunk/tools
> > $ ./urlrewrite.sh . # there is a dot at the end - please use it.
> >
> > (3) Do a local build.
> >
> > (4) Commit the massive changes.
> >
> > Voila! If the project wants to define the additional url rewrites then I
> will find cycles this weekend, or I can guide someone else.
> >
> > Regards,
> > Dave
> >
> > On Oct 26, 2013, at 6:51 PM, Joseph Schaefer wrote:
> >
> >> I don't think there are any plans to change the dual http/https nature
> of the site, even in the worst case scenario of redirecting everything to
> https, the old links will still resolve.
> >>
> >> Sent from my iPhone
> >>
> >>> On Oct 26, 2013, at 9:49 PM, Rob Weir <ro...@apache.org> wrote:
> >>>
> >>>> On Sat, Oct 26, 2013 at 9:34 PM, Joseph Schaefer <
> joe_schaefer@yahoo.com> wrote:
> >>>> No. Ideally urls local to the site use relative addressing so it
> will work properly when viewed over http or https. The reason you don't
> want hard coded http urls on the site is because https browsers will warn
> the user about fetching insecure resources.
> >>>
> >>> OK. So long as external, incoming http:// URL's will still resolve.
> >>>
> >>> -Rob
> >>>
> >>>> Sent from my iPhone
> >>>>
> >>>>> On Oct 26, 2013, at 9:30 PM, Rob Weir <ro...@apache.org> wrote:
> >>>>>
> >>>>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
> >>>>> <ar...@apache.org> wrote:
> >>>>>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> >>>>>>> Hi.
> >>>>>>>
> >>>>>>> www.openoffice.org now accept both http: and https: as announced
> earlier.
> >>>>>>>
> >>>>>>> We have however seen that e.g. product.css contain image tag with
> http://xxx.
> >>>>>>> All references must be relative (without http: and https:). I hope
> the web
> >>>>>>> admins can do make the needed changes.
> >>>>>>
> >>>>>> There are 26,349 matches of "http://www.openoffice.org/" in
> ooo-site.
> >>>>>
> >>>>> We *are not* going to change to a system that requires that links to
> >>>>> www.openoffice.org are all https. I hope that is not what is being
> >>>>> suggested. Remember, we have 10's of thousands of *external* links
> to
> >>>>> our website that we do control and cannot change.
> >>>>>
> >>>>> Please someone, tell me that this is not what is being suggested
> here.
> >>>>>
> >>>>> -Rob
> >>>>>
> >>>>>>
> >>>>>> Regards
> >>>>>> --
> >>>>>> Ariel Constenla-Haile
> >>>>>> La Plata, Argentina
> >>>>>
> >>>>> ---------------------------------------------------------------------
> >>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> >>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
> >>>>
> >>>> ---------------------------------------------------------------------
> >>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> >>>> For additional commands, e-mail: dev-help@openoffice.apache.org
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> >>> For additional commands, e-mail: dev-help@openoffice.apache.org
> >>>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> >> For additional commands, e-mail: dev-help@openoffice.apache.org
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> > For additional commands, e-mail: dev-help@openoffice.apache.org
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
>
--
-------------------------------------------------------------------------------------------------
MzK
“Unless someone like you cares a whole awful lot,
Nothing is going to get better. It's not.”
-- Dr. Seuss, The Lorax
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Dave Fisher <da...@comcast.net>.
On Oct 30, 2013, at 4:51 PM, Dave Fisher wrote:
> Hi Joe/JanIV/Mark,
>
> THANKS!!!! for getting the SSL certificate to work. We really, really needed this for the wiki and forums!
>
> Given the scope of the conversion of internal relative links. I think it is reasonable to expect that the project will not be in a hurry to start rushing in to convert 100,000 links without a plan.
>
> Hey AOO Devs:
>
> I have the experience of touching all of these html files when we ported them. I did do url rewrites and we have scripting to handle these cases!
>
> See ooo-site/trunk/tools/ - http://svn.apache.org/viewvc/openoffice/ooo-site/trunk/tools/
>
> Specifically the files urlrewrite.sh and urlrewrite.sed
I have accumulated information about remaining links using the form http://*.openoffice.org/ and https://*.openoffice.org/
Look for more this week before a sledgehammer change over the weekend.
This will be with a new subject.
Regards,
Dave
>
> Working locally on a full checkout of ooo-site: http://openoffice.apache.org/website-local.html#how-to-do-website-development-locally-for-technical-users
>
> (1) urlrewrite.sed needs the additional rules.
>
> (2) To convert:
>
> $ cd ooo-site/trunk/tools
> $ ./urlrewrite.sh . # there is a dot at the end - please use it.
>
> (3) Do a local build.
>
> (4) Commit the massive changes.
>
> Voila! If the project wants to define the additional url rewrites then I will find cycles this weekend, or I can guide someone else.
>
> Regards,
> Dave
>
> On Oct 26, 2013, at 6:51 PM, Joseph Schaefer wrote:
>
>> I don't think there are any plans to change the dual http/https nature of the site, even in the worst case scenario of redirecting everything to https, the old links will still resolve.
>>
>> Sent from my iPhone
>>
>>> On Oct 26, 2013, at 9:49 PM, Rob Weir <ro...@apache.org> wrote:
>>>
>>>> On Sat, Oct 26, 2013 at 9:34 PM, Joseph Schaefer <jo...@yahoo.com> wrote:
>>>> No. Ideally urls local to the site use relative addressing so it will work properly when viewed over http or https. The reason you don't want hard coded http urls on the site is because https browsers will warn the user about fetching insecure resources.
>>>
>>> OK. So long as external, incoming http:// URL's will still resolve.
>>>
>>> -Rob
>>>
>>>> Sent from my iPhone
>>>>
>>>>> On Oct 26, 2013, at 9:30 PM, Rob Weir <ro...@apache.org> wrote:
>>>>>
>>>>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
>>>>> <ar...@apache.org> wrote:
>>>>>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>>>>>>> Hi.
>>>>>>>
>>>>>>> www.openoffice.org now accept both http: and https: as announced earlier.
>>>>>>>
>>>>>>> We have however seen that e.g. product.css contain image tag with http://xxx.
>>>>>>> All references must be relative (without http: and https:). I hope the web
>>>>>>> admins can do make the needed changes.
>>>>>>
>>>>>> There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
>>>>>
>>>>> We *are not* going to change to a system that requires that links to
>>>>> www.openoffice.org are all https. I hope that is not what is being
>>>>> suggested. Remember, we have 10's of thousands of *external* links to
>>>>> our website that we do control and cannot change.
>>>>>
>>>>> Please someone, tell me that this is not what is being suggested here.
>>>>>
>>>>> -Rob
>>>>>
>>>>>>
>>>>>> Regards
>>>>>> --
>>>>>> Ariel Constenla-Haile
>>>>>> La Plata, Argentina
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Dave Fisher <da...@comcast.net>.
Hi Joe/JanIV/Mark,
THANKS!!!! for getting the SSL certificate to work. We really, really needed this for the wiki and forums!
Given the scope of the conversion of internal relative links. I think it is reasonable to expect that the project will not be in a hurry to start rushing in to convert 100,000 links without a plan.
Hey AOO Devs:
I have the experience of touching all of these html files when we ported them. I did do url rewrites and we have scripting to handle these cases!
See ooo-site/trunk/tools/ - http://svn.apache.org/viewvc/openoffice/ooo-site/trunk/tools/
Specifically the files urlrewrite.sh and urlrewrite.sed
Working locally on a full checkout of ooo-site: http://openoffice.apache.org/website-local.html#how-to-do-website-development-locally-for-technical-users
(1) urlrewrite.sed needs the additional rules.
(2) To convert:
$ cd ooo-site/trunk/tools
$ ./urlrewrite.sh . # there is a dot at the end - please use it.
(3) Do a local build.
(4) Commit the massive changes.
Voila! If the project wants to define the additional url rewrites then I will find cycles this weekend, or I can guide someone else.
Regards,
Dave
On Oct 26, 2013, at 6:51 PM, Joseph Schaefer wrote:
> I don't think there are any plans to change the dual http/https nature of the site, even in the worst case scenario of redirecting everything to https, the old links will still resolve.
>
> Sent from my iPhone
>
>> On Oct 26, 2013, at 9:49 PM, Rob Weir <ro...@apache.org> wrote:
>>
>>> On Sat, Oct 26, 2013 at 9:34 PM, Joseph Schaefer <jo...@yahoo.com> wrote:
>>> No. Ideally urls local to the site use relative addressing so it will work properly when viewed over http or https. The reason you don't want hard coded http urls on the site is because https browsers will warn the user about fetching insecure resources.
>>
>> OK. So long as external, incoming http:// URL's will still resolve.
>>
>> -Rob
>>
>>> Sent from my iPhone
>>>
>>>> On Oct 26, 2013, at 9:30 PM, Rob Weir <ro...@apache.org> wrote:
>>>>
>>>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
>>>> <ar...@apache.org> wrote:
>>>>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>>>>>> Hi.
>>>>>>
>>>>>> www.openoffice.org now accept both http: and https: as announced earlier.
>>>>>>
>>>>>> We have however seen that e.g. product.css contain image tag with http://xxx.
>>>>>> All references must be relative (without http: and https:). I hope the web
>>>>>> admins can do make the needed changes.
>>>>>
>>>>> There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
>>>>
>>>> We *are not* going to change to a system that requires that links to
>>>> www.openoffice.org are all https. I hope that is not what is being
>>>> suggested. Remember, we have 10's of thousands of *external* links to
>>>> our website that we do control and cannot change.
>>>>
>>>> Please someone, tell me that this is not what is being suggested here.
>>>>
>>>> -Rob
>>>>
>>>>>
>>>>> Regards
>>>>> --
>>>>> Ariel Constenla-Haile
>>>>> La Plata, Argentina
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Kay Schenk <ka...@gmail.com>.
On Sat, Oct 26, 2013 at 6:51 PM, Joseph Schaefer <jo...@yahoo.com>wrote:
> I don't think there are any plans to change the dual http/https nature of
> the site, even in the worst case scenario of redirecting everything to
> https, the old links will still resolve.
>
Why would this be a worst case scenario?
Wouldn't it mean we could leave the coded http://xxx.openoffice.org
as they are?
Is the concern for NOT doing this due to possible latency?
> Sent from my iPhone
>
> > On Oct 26, 2013, at 9:49 PM, Rob Weir <ro...@apache.org> wrote:
> >
> >> On Sat, Oct 26, 2013 at 9:34 PM, Joseph Schaefer <
> joe_schaefer@yahoo.com> wrote:
> >> No. Ideally urls local to the site use relative addressing so it will
> work properly when viewed over http or https. The reason you don't want
> hard coded http urls on the site is because https browsers will warn the
> user about fetching insecure resources.
> >
> > OK. So long as external, incoming http:// URL's will still resolve.
> >
> > -Rob
> >
> >> Sent from my iPhone
> >>
> >>> On Oct 26, 2013, at 9:30 PM, Rob Weir <ro...@apache.org> wrote:
> >>>
> >>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
> >>> <ar...@apache.org> wrote:
> >>>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> >>>>> Hi.
> >>>>>
> >>>>> www.openoffice.org now accept both http: and https: as announced
> earlier.
> >>>>>
> >>>>> We have however seen that e.g. product.css contain image tag with
> http://xxx.
> >>>>> All references must be relative (without http: and https:). I hope
> the web
> >>>>> admins can do make the needed changes.
> >>>>
> >>>> There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
> >>>
> >>> We *are not* going to change to a system that requires that links to
> >>> www.openoffice.org are all https. I hope that is not what is being
> >>> suggested. Remember, we have 10's of thousands of *external* links to
> >>> our website that we do control and cannot change.
> >>>
> >>> Please someone, tell me that this is not what is being suggested here.
> >>>
> >>> -Rob
> >>>
> >>>>
> >>>> Regards
> >>>> --
> >>>> Ariel Constenla-Haile
> >>>> La Plata, Argentina
> >>>
> >>> ---------------------------------------------------------------------
> >>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> >>> For additional commands, e-mail: dev-help@openoffice.apache.org
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> >> For additional commands, e-mail: dev-help@openoffice.apache.org
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> > For additional commands, e-mail: dev-help@openoffice.apache.org
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
>
--
-------------------------------------------------------------------------------------------------
MzK
“Unless someone like you cares a whole awful lot,
Nothing is going to get better. It's not.”
-- Dr. Seuss, The Lorax
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Joseph Schaefer <jo...@yahoo.com>.
I don't think there are any plans to change the dual http/https nature of the site, even in the worst case scenario of redirecting everything to https, the old links will still resolve.
Sent from my iPhone
> On Oct 26, 2013, at 9:49 PM, Rob Weir <ro...@apache.org> wrote:
>
>> On Sat, Oct 26, 2013 at 9:34 PM, Joseph Schaefer <jo...@yahoo.com> wrote:
>> No. Ideally urls local to the site use relative addressing so it will work properly when viewed over http or https. The reason you don't want hard coded http urls on the site is because https browsers will warn the user about fetching insecure resources.
>
> OK. So long as external, incoming http:// URL's will still resolve.
>
> -Rob
>
>> Sent from my iPhone
>>
>>> On Oct 26, 2013, at 9:30 PM, Rob Weir <ro...@apache.org> wrote:
>>>
>>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
>>> <ar...@apache.org> wrote:
>>>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>>>>> Hi.
>>>>>
>>>>> www.openoffice.org now accept both http: and https: as announced earlier.
>>>>>
>>>>> We have however seen that e.g. product.css contain image tag with http://xxx.
>>>>> All references must be relative (without http: and https:). I hope the web
>>>>> admins can do make the needed changes.
>>>>
>>>> There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
>>>
>>> We *are not* going to change to a system that requires that links to
>>> www.openoffice.org are all https. I hope that is not what is being
>>> suggested. Remember, we have 10's of thousands of *external* links to
>>> our website that we do control and cannot change.
>>>
>>> Please someone, tell me that this is not what is being suggested here.
>>>
>>> -Rob
>>>
>>>>
>>>> Regards
>>>> --
>>>> Ariel Constenla-Haile
>>>> La Plata, Argentina
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>> For additional commands, e-mail: dev-help@openoffice.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Rob Weir <ro...@apache.org>.
On Sat, Oct 26, 2013 at 9:34 PM, Joseph Schaefer <jo...@yahoo.com> wrote:
> No. Ideally urls local to the site use relative addressing so it will work properly when viewed over http or https. The reason you don't want hard coded http urls on the site is because https browsers will warn the user about fetching insecure resources.
>
OK. So long as external, incoming http:// URL's will still resolve.
-Rob
> Sent from my iPhone
>
>> On Oct 26, 2013, at 9:30 PM, Rob Weir <ro...@apache.org> wrote:
>>
>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
>> <ar...@apache.org> wrote:
>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>>>> Hi.
>>>>
>>>> www.openoffice.org now accept both http: and https: as announced earlier.
>>>>
>>>> We have however seen that e.g. product.css contain image tag with http://xxx.
>>>> All references must be relative (without http: and https:). I hope the web
>>>> admins can do make the needed changes.
>>>
>>> There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
>>>
>>
>> We *are not* going to change to a system that requires that links to
>> www.openoffice.org are all https. I hope that is not what is being
>> suggested. Remember, we have 10's of thousands of *external* links to
>> our website that we do control and cannot change.
>>
>> Please someone, tell me that this is not what is being suggested here.
>>
>> -Rob
>>
>>>
>>> Regards
>>> --
>>> Ariel Constenla-Haile
>>> La Plata, Argentina
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
>> For additional commands, e-mail: dev-help@openoffice.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Joseph Schaefer <jo...@yahoo.com>.
No. Ideally urls local to the site use relative addressing so it will work properly when viewed over http or https. The reason you don't want hard coded http urls on the site is because https browsers will warn the user about fetching insecure resources.
Sent from my iPhone
> On Oct 26, 2013, at 9:30 PM, Rob Weir <ro...@apache.org> wrote:
>
> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
> <ar...@apache.org> wrote:
>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>>> Hi.
>>>
>>> www.openoffice.org now accept both http: and https: as announced earlier.
>>>
>>> We have however seen that e.g. product.css contain image tag with http://xxx.
>>> All references must be relative (without http: and https:). I hope the web
>>> admins can do make the needed changes.
>>
>> There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
>>
>
> We *are not* going to change to a system that requires that links to
> www.openoffice.org are all https. I hope that is not what is being
> suggested. Remember, we have 10's of thousands of *external* links to
> our website that we do control and cannot change.
>
> Please someone, tell me that this is not what is being suggested here.
>
> -Rob
>
>>
>> Regards
>> --
>> Ariel Constenla-Haile
>> La Plata, Argentina
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by janI <ja...@apache.org>.
On 27 October 2013 16:47, Rob Weir <ro...@apache.org> wrote:
> On Sat, Oct 26, 2013 at 9:58 PM, Ariel Constenla-Haile
> <ar...@apache.org> wrote:
> > On Sat, Oct 26, 2013 at 09:30:06PM -0400, Rob Weir wrote:
> >> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
> >> <ar...@apache.org> wrote:
> >> > On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> >> >> Hi.
> >> >>
> >> >> www.openoffice.org now accept both http: and https: as announced
> >> >> earlier.
> >> >>
> >> >> We have however seen that e.g. product.css contain image tag with
> >> >> http://xxx. All references must be relative (without http: and
> >> >> https:). I hope the web admins can do make the needed changes.
> >> >
> >> > There are 26,349 matches of "http://www.openoffice.org/" in
> >> > ooo-site.
> >> >
> >>
> >> We *are not* going to change to a system that requires that links to
> >> www.openoffice.org are all https. I hope that is not what is being
> >> suggested. Remember, we have 10's of thousands of *external* links to
> >> our website that we do control and cannot change.
> >>
> >> Please someone, tell me that this is not what is being suggested here.
> >
> >
> > were you have href="http://www.openoffice.org/some_resource", it should
> > be href="/some_resource" (nothing crazy, but a good practice).
> >
>
> Also, in images, src="http://www.openoffice.org/some_resource"
>
> yes
> Or in CSS:
>
> url("http://www.openoffice.org/some.css");
>
yes
>
> But there are some that probably should not be changed. For example:
>
> <meta itemprop="image"
> content="http://www.openoffice.org/images/aoo-logo-100x100.png" />
>
correct, which is why you need to search {href|src|url(}\=\"
http://www.openoffice.org
>
> That is intended to resolve externally, on Google+, so I think itt
> should be the full URL.
>
yes it should not be changed.
>
> There are also the legacy subdomains to think about. We have URL's
> on the website like:
>
> href="http://qa.openoffice.org/issue_handling/project_issues.html"
>
> That should become:
>
> href="/qa/issue_handling/project_issues.html"
>
yes.
Please remember we have *.openoffice.org so it is valid for
qa.openoffice.org
In this case you search could be {href|src|url(}\=\"http://qa.openoffice.org
>
> But not all subdomains act that way. For example
> http://extensions.openoffice.org should *not* be rewritten.
>
No that is located on sourceforge out of our control.
> > Grepping href=["']http://www.openoffice.org/ gives 25,026 matches.
> >
>
> Maybe it makes sense to do the easy one first, the www subdomain
> ones.. Most of them are simple href/source/url patterns.
>
a combination of regex, sed and find makes the change in a couple of
minutes, what remains then is commit/publish and test.
rgds
jan I.
>
> Regards,
>
> -Rob
>
>
> >
> > Regards
> > --
> > Ariel Constenla-Haile
> > La Plata, Argentina
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
>
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Rob Weir <ro...@apache.org>.
On Sat, Oct 26, 2013 at 9:58 PM, Ariel Constenla-Haile
<ar...@apache.org> wrote:
> On Sat, Oct 26, 2013 at 09:30:06PM -0400, Rob Weir wrote:
>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
>> <ar...@apache.org> wrote:
>> > On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>> >> Hi.
>> >>
>> >> www.openoffice.org now accept both http: and https: as announced
>> >> earlier.
>> >>
>> >> We have however seen that e.g. product.css contain image tag with
>> >> http://xxx. All references must be relative (without http: and
>> >> https:). I hope the web admins can do make the needed changes.
>> >
>> > There are 26,349 matches of "http://www.openoffice.org/" in
>> > ooo-site.
>> >
>>
>> We *are not* going to change to a system that requires that links to
>> www.openoffice.org are all https. I hope that is not what is being
>> suggested. Remember, we have 10's of thousands of *external* links to
>> our website that we do control and cannot change.
>>
>> Please someone, tell me that this is not what is being suggested here.
>
>
> were you have href="http://www.openoffice.org/some_resource", it should
> be href="/some_resource" (nothing crazy, but a good practice).
>
Also, in images, src="http://www.openoffice.org/some_resource"
Or in CSS:
url("http://www.openoffice.org/some.css");
But there are some that probably should not be changed. For example:
<meta itemprop="image"
content="http://www.openoffice.org/images/aoo-logo-100x100.png" />
That is intended to resolve externally, on Google+, so I think itt
should be the full URL.
There are also the legacy subdomains to think about. We have URL's
on the website like:
href="http://qa.openoffice.org/issue_handling/project_issues.html"
That should become:
href="/qa/issue_handling/project_issues.html"
But not all subdomains act that way. For example
http://extensions.openoffice.org should *not* be rewritten.
> Grepping href=["']http://www.openoffice.org/ gives 25,026 matches.
>
Maybe it makes sense to do the easy one first, the www subdomain
ones.. Most of them are simple href/source/url patterns.
Regards,
-Rob
>
> Regards
> --
> Ariel Constenla-Haile
> La Plata, Argentina
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by janI <ja...@apache.org>.
On 27 October 2013 11:53, imacat <im...@mail.imacat.idv.tw> wrote:
> Thanks for taking care of this. People are asking this on Wiki and
> forum (and even WWW) for long. And I know a wild card certificate is
> very costly.
>
Thanks for your kind words.
In all this discussion about www, please do NOT forget to test
https://wiki.openoffice.org
next weekend http://wiki.openoffice.org will be changed to a redirect to
https://wiki.openoffice.org and thereby all traffic will be https:
At the same time:
https://forum.openoffice.org
will be made available for test, and a week later
http://forum.openoffice.org will be changed to a redirect to
https://forum.openoffice.org and thereby all traffic will be https:
I have already now seen references to http:// this need to be changed,
otherwise users will get a warning.
rgds
jan I.
> On 2013/10/27 16:05, janI said:
> > On 27 October 2013 02:58, Ariel Constenla-Haile <ar...@apache.org>
> wrote:
> >
> >> On Sat, Oct 26, 2013 at 09:30:06PM -0400, Rob Weir wrote:
> >>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
> >>> <ar...@apache.org> wrote:
> >>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> >>>>> Hi.
> >>>>>
> >>>>> www.openoffice.org now accept both http: and https: as announced
> >>>>> earlier.
> >>>>>
> >>>>> We have however seen that e.g. product.css contain image tag with
> >>>>> http://xxx. All references must be relative (without http: and
> >>>>> https:). I hope the web admins can do make the needed changes.
> >>>>
> >>>> There are 26,349 matches of "http://www.openoffice.org/" in
> >>>> ooo-site.
> >>>>
> >>>
> >>> We *are not* going to change to a system that requires that links to
> >>> www.openoffice.org are all https. I hope that is not what is being
> >>> suggested. Remember, we have 10's of thousands of *external* links to
> >>> our website that we do control and cannot change.
> >>>
> >>> Please someone, tell me that this is not what is being suggested here.
> >>
> >
> > No its not, as I wrote in the part you quote, www.openoffice.org will
> > continue to have https: but also https: as pr request from the project.
> >
> > But if I might remind you sent a mail to infra, asking why https: was not
> > implemented for www.openoffice.org, which I and pctony responded to.
> >
> > And if you look at INFRA-6608, you will see a comment from andrea 3
> August:
> > "And we will want to use it, even though there is no authentication
> there,
> > for
> > http(s)://www.openoffice.org
> > (this is mainly because we receive a steady, even if low, amount of
> > complaints from users who cannot browse our main site on HTTPS). "
> >
> >
> > We infra have done exactly as the project asked us to do according to
> > INFRA-6608, and that is not correct ??
> >
> > I actually never understood why https: was wanted on www.openoffice.org,
> > but it was not a problem to do it, so it was done.
> >
> > today is a day where I am less proud of being AOO-PMC. We (AOO) have
> been
> > after infra to get a certificate and get it implemented. Yesterday mark
> > took a big chunk of time and with some help from me, got it implemented.
> I
> > think infra should have a "thank you", instead !
> >
> >
> > I have of course a double heart in this situation, but I am sure this is
> > not a good way, to work together.
> >
> > rgds
> > jan I.
> >
> >
> >
> >>
> >> were you have href="http://www.openoffice.org/some_resource", it should
> >> be href="/some_resource" (nothing crazy, but a good practice).
> >>
> >> Grepping href=["']http://www.openoffice.org/ gives 25,026 matches.
> >>
> >>
> >> Regards
> >> --
> >> Ariel Constenla-Haile
> >> La Plata, Argentina
> >>
> >
>
>
> --
> Best regards,
> imacat ^_*' <im...@mail.imacat.idv.tw>
> PGP Key http://www.imacat.idv.tw/me/pgpkey.asc
>
> <<Woman's Voice>> News: http://www.wov.idv.tw/
> Tavern IMACAT's http://www.imacat.idv.tw/
> Woman in FOSS in Taiwan http://wofoss.blogspot.com/
> OpenOffice http://www.openoffice.org/
> EducOO/OOo4Kids Taiwan http://www.educoo.tw/
> Greenfoot Taiwan http://greenfoot.westart.tw/
>
>
Re: call for help to test AOO www and AOO wiki (certificates for
*.o.o)
Posted by imacat <im...@mail.imacat.idv.tw>.
Thanks for taking care of this. People are asking this on Wiki and
forum (and even WWW) for long. And I know a wild card certificate is
very costly.
On 2013/10/27 16:05, janI said:
> On 27 October 2013 02:58, Ariel Constenla-Haile <ar...@apache.org> wrote:
>
>> On Sat, Oct 26, 2013 at 09:30:06PM -0400, Rob Weir wrote:
>>> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
>>> <ar...@apache.org> wrote:
>>>> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>>>>> Hi.
>>>>>
>>>>> www.openoffice.org now accept both http: and https: as announced
>>>>> earlier.
>>>>>
>>>>> We have however seen that e.g. product.css contain image tag with
>>>>> http://xxx. All references must be relative (without http: and
>>>>> https:). I hope the web admins can do make the needed changes.
>>>>
>>>> There are 26,349 matches of "http://www.openoffice.org/" in
>>>> ooo-site.
>>>>
>>>
>>> We *are not* going to change to a system that requires that links to
>>> www.openoffice.org are all https. I hope that is not what is being
>>> suggested. Remember, we have 10's of thousands of *external* links to
>>> our website that we do control and cannot change.
>>>
>>> Please someone, tell me that this is not what is being suggested here.
>>
>
> No its not, as I wrote in the part you quote, www.openoffice.org will
> continue to have https: but also https: as pr request from the project.
>
> But if I might remind you sent a mail to infra, asking why https: was not
> implemented for www.openoffice.org, which I and pctony responded to.
>
> And if you look at INFRA-6608, you will see a comment from andrea 3 August:
> "And we will want to use it, even though there is no authentication there,
> for
> http(s)://www.openoffice.org
> (this is mainly because we receive a steady, even if low, amount of
> complaints from users who cannot browse our main site on HTTPS). "
>
>
> We infra have done exactly as the project asked us to do according to
> INFRA-6608, and that is not correct ??
>
> I actually never understood why https: was wanted on www.openoffice.org,
> but it was not a problem to do it, so it was done.
>
> today is a day where I am less proud of being AOO-PMC. We (AOO) have been
> after infra to get a certificate and get it implemented. Yesterday mark
> took a big chunk of time and with some help from me, got it implemented. I
> think infra should have a "thank you", instead !
>
>
> I have of course a double heart in this situation, but I am sure this is
> not a good way, to work together.
>
> rgds
> jan I.
>
>
>
>>
>> were you have href="http://www.openoffice.org/some_resource", it should
>> be href="/some_resource" (nothing crazy, but a good practice).
>>
>> Grepping href=["']http://www.openoffice.org/ gives 25,026 matches.
>>
>>
>> Regards
>> --
>> Ariel Constenla-Haile
>> La Plata, Argentina
>>
>
--
Best regards,
imacat ^_*' <im...@mail.imacat.idv.tw>
PGP Key http://www.imacat.idv.tw/me/pgpkey.asc
<<Woman's Voice>> News: http://www.wov.idv.tw/
Tavern IMACAT's http://www.imacat.idv.tw/
Woman in FOSS in Taiwan http://wofoss.blogspot.com/
OpenOffice http://www.openoffice.org/
EducOO/OOo4Kids Taiwan http://www.educoo.tw/
Greenfoot Taiwan http://greenfoot.westart.tw/
Re: call for help to test AOO www and AOO wiki (certificates for
*.o.o)
Posted by Andrea Pescetti <pe...@apache.org>.
janI wrote:
> And if you look at INFRA-6608, you will see a comment from andrea 3 August:
> "And we will want to use it, even though there is no authentication there,
> for
> http(s)://www.openoffice.org
> (this is mainly because we receive a steady, even if low, amount of
> complaints from users who cannot browse our main site on HTTPS). "
Explaining myself: even before this became a global trend, people were
using stuff like https://www.eff.org/https-everywhere for enhanced
security. If they tried browsing http://www.openoffice.org the plugin
would automatically have rewritten it to https://www.openoffice.org and
then they would have seen a bad certificate mismatch warning. Now, on
some pages (but, as far as I can tell, not the home page or those I
checked) they may get the "mixed http/https" warning already discussed,
but this far less problematic.
I see more problematic the fact that
http://it.openoffice.org
and
https://it.openoffice.org
lead to two different sites due to rewriting. Is this something that can
be fixed, perhaps by reimplementing the same rewriting rules for HTTPS?
And a short note about the discussion: the issue is small and was
exaggerated too much. We are surely grateful to Infra for their
assistance, but at times we need to make questions to understand better.
In this case everything was then clarified, but it had to. And the only
way was to make questions and get answers. Same for the paragraph above:
it is just a question, not a sign of disrespect for Infra or Jan's work,
which we all highly appreciate.
The focus needs now to move to the wiki, since there things will be
potentially broken if we enforce HTTPS before testing it thoroughly. I
suggest that we wait to have some concrete feedback before enforcing
HTTPS: if by the next weekend nobody has given feedback on some
tests/fixes on the HTTPS version https://wiki.openoffice.org/ , it
wouldn't seem wise to me to go on with the changes.
Regards,
Andrea.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by janI <ja...@apache.org>.
On 27 October 2013 13:34, Rob Weir <ro...@apache.org> wrote:
> On Sun, Oct 27, 2013 at 4:05 AM, janI <ja...@apache.org> wrote:
> > On 27 October 2013 02:58, Ariel Constenla-Haile <ar...@apache.org>
> wrote:
> >
> >> On Sat, Oct 26, 2013 at 09:30:06PM -0400, Rob Weir wrote:
> >> > On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
> >> > <ar...@apache.org> wrote:
> >> > > On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> >> > >> Hi.
> >> > >>
> >> > >> www.openoffice.org now accept both http: and https: as announced
> >> > >> earlier.
> >> > >>
> >> > >> We have however seen that e.g. product.css contain image tag with
> >> > >> http://xxx. All references must be relative (without http: and
> >> > >> https:). I hope the web admins can do make the needed changes.
> >> > >
> >> > > There are 26,349 matches of "http://www.openoffice.org/" in
> >> > > ooo-site.
> >> > >
> >> >
> >> > We *are not* going to change to a system that requires that links to
> >> > www.openoffice.org are all https. I hope that is not what is being
> >> > suggested. Remember, we have 10's of thousands of *external* links to
> >> > our website that we do control and cannot change.
> >> >
> >> > Please someone, tell me that this is not what is being suggested here.
> >>
> >
> > No its not, as I wrote in the part you quote, www.openoffice.org will
> > continue to have https: but also https: as pr request from the project.
> >
> > But if I might remind you sent a mail to infra, asking why https: was not
> > implemented for www.openoffice.org, which I and pctony responded to.
> >
> > And if you look at INFRA-6608, you will see a comment from andrea 3
> August:
> > "And we will want to use it, even though there is no authentication
> there,
> > for
> > http(s)://www.openoffice.org
> > (this is mainly because we receive a steady, even if low, amount of
> > complaints from users who cannot browse our main site on HTTPS). "
> >
> >
> > We infra have done exactly as the project asked us to do according to
> > INFRA-6608, and that is not correct ??
> >
>
> There is nothing wrong, IMHO, with supporting https for
> www.openoffice.org. There is nothing wrong, IMHO, with *not*
> supporting https for www.openoffice.org as well. The problem has been
> the confusion caused to users when they get an error about an invalid
> certificate when using https with www.openoffice, due to the
> apache.org certificate previously associated with it. The mismatch
> was the issue. But it should be sufficient to support https on
> request for the www subdomain. We don't have any security reason to
> have it be the default for the static website, or at least none that I
> know of.
>
> So that is the question: support https versus automatically
> redirecting http to https.
>
May I politely correct, NO one has talked about redirection of
www.openoffice.org.
If you read my (and earlier) mails, I have written
support http: and https:
You are able to view www.openoffice.org as:
http://www.openoffice.org
or
https://www.openoffice.org
that is the users choice.
Redirection is only mentioned for wiki.o.o and forum.o.o, where it is
needed for security reasons.
You are able to call http://wiki.openoffice.org, but will be redirected to
https://wiki.openoffice.org and all further communication will be https:
> My concern, as stated, was regarding the stability of external URLs
> using http and whether they would continue to resolve. I wanted to
> have some discussion before we started to make bulk edit changes to
> thousands of web and wiki pages. I don't think this request was
> unreasonable.
>
The request is not at all unreasonable, but 2 things:
- I read about 10 mails with numbers and "will not do", before infra was
given a thank for spending a saturday solving a AOO problem.
- The bulk edit changes should have discussed and made a while ago, when or
before the ticket was issued, and at least before AOO send mails to infra
asking why it isnt implemented. It is a bit late (but not causing real
problems) to do it afterward.
This lack of work is the reason, I try so hard to get https://wiki tested,
because I know we have exact the same problem, with the difference
http://wiki will not be available.
I have spent my morning seeing how the bulk changes can be done, and it can
be done automatic:
- for www, do "svn co", and use e.g. sed to edit all pages with a regex.
Templates is something I dont know, so that might change the work a bit.
- for wiki, any vm-admin can open mysql, and do a update statement on the
text tables.
- for forum any vm-admin can open mysql, and do update statement on the
text tables, there might be a config issue with the avatars.
Infra secures that www/wiki/forum works technically and e.g. wiki
configuration was changed to allow https: forum configuration is prepared.
Infra does not and cannot modify the content of the services.
>
> > I actually never understood why https: was wanted on www.openoffice.org,
> > but it was not a problem to do it, so it was done.
> >
>
> Hopefully what I wrote above clarifies.
>
> > today is a day where I am less proud of being AOO-PMC. We (AOO) have
> been
> > after infra to get a certificate and get it implemented. Yesterday mark
> > took a big chunk of time and with some help from me, got it implemented.
> I
> > think infra should have a "thank you", instead !
> >
> >
> > I have of course a double heart in this situation, but I am sure this is
> > not a good way, to work together.
> >
>
> Jan, you don't live in a question-free zone. No one's actions in this
> project are immune from other project members expressing opinions or
> asking questions. Understanding that and accepting that is a good way
> to work together.
>
I have no problem with questions, that is a good way of learning more. I
hope I have explained that part above.
But asking infra why https: is not implemented, without having our own
ground work done, is asking for trouble.
> And thanks for your efforts. They are, as always, greatly appreciated.
>
no problem, I am just trying to implement infra-6608. I hope the wiki/forum
moves can be done without these unpleasant waves afterward !
Please understand why this is a big issue for me, this is in no way
personal but infra like all other projects consist of volunteers, and if
you as volunteer have 10 tasks to do, and 1 is from someone that often
react negative, I bet nearly everybody would do the 9 tasks first, hope for
9 other nice tasks before having to do the 1. In other words its human that
negative tasks get low priority, and I dont want AOO to be in that position.
FYI, It happened now was because I spoke with mark about some code-signing
cert issues, and we found a way to share the work. Had I foreseen the waves
I would honestly have done 9 other tasks.
rgds
jan I.
> -Rob
>
> > rgds
> > jan I.
> >
> >
> >
> >>
> >> were you have href="http://www.openoffice.org/some_resource", it should
> >> be href="/some_resource" (nothing crazy, but a good practice).
> >>
> >> Grepping href=["']http://www.openoffice.org/ gives 25,026 matches.
> >>
> >>
> >> Regards
> >> --
> >> Ariel Constenla-Haile
> >> La Plata, Argentina
> >>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: dev-help@openoffice.apache.org
>
>
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Rob Weir <ro...@apache.org>.
On Sun, Oct 27, 2013 at 4:05 AM, janI <ja...@apache.org> wrote:
> On 27 October 2013 02:58, Ariel Constenla-Haile <ar...@apache.org> wrote:
>
>> On Sat, Oct 26, 2013 at 09:30:06PM -0400, Rob Weir wrote:
>> > On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
>> > <ar...@apache.org> wrote:
>> > > On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>> > >> Hi.
>> > >>
>> > >> www.openoffice.org now accept both http: and https: as announced
>> > >> earlier.
>> > >>
>> > >> We have however seen that e.g. product.css contain image tag with
>> > >> http://xxx. All references must be relative (without http: and
>> > >> https:). I hope the web admins can do make the needed changes.
>> > >
>> > > There are 26,349 matches of "http://www.openoffice.org/" in
>> > > ooo-site.
>> > >
>> >
>> > We *are not* going to change to a system that requires that links to
>> > www.openoffice.org are all https. I hope that is not what is being
>> > suggested. Remember, we have 10's of thousands of *external* links to
>> > our website that we do control and cannot change.
>> >
>> > Please someone, tell me that this is not what is being suggested here.
>>
>
> No its not, as I wrote in the part you quote, www.openoffice.org will
> continue to have https: but also https: as pr request from the project.
>
> But if I might remind you sent a mail to infra, asking why https: was not
> implemented for www.openoffice.org, which I and pctony responded to.
>
> And if you look at INFRA-6608, you will see a comment from andrea 3 August:
> "And we will want to use it, even though there is no authentication there,
> for
> http(s)://www.openoffice.org
> (this is mainly because we receive a steady, even if low, amount of
> complaints from users who cannot browse our main site on HTTPS). "
>
>
> We infra have done exactly as the project asked us to do according to
> INFRA-6608, and that is not correct ??
>
There is nothing wrong, IMHO, with supporting https for
www.openoffice.org. There is nothing wrong, IMHO, with *not*
supporting https for www.openoffice.org as well. The problem has been
the confusion caused to users when they get an error about an invalid
certificate when using https with www.openoffice, due to the
apache.org certificate previously associated with it. The mismatch
was the issue. But it should be sufficient to support https on
request for the www subdomain. We don't have any security reason to
have it be the default for the static website, or at least none that I
know of.
So that is the question: support https versus automatically
redirecting http to https.
My concern, as stated, was regarding the stability of external URLs
using http and whether they would continue to resolve. I wanted to
have some discussion before we started to make bulk edit changes to
thousands of web and wiki pages. I don't think this request was
unreasonable.
> I actually never understood why https: was wanted on www.openoffice.org,
> but it was not a problem to do it, so it was done.
>
Hopefully what I wrote above clarifies.
> today is a day where I am less proud of being AOO-PMC. We (AOO) have been
> after infra to get a certificate and get it implemented. Yesterday mark
> took a big chunk of time and with some help from me, got it implemented. I
> think infra should have a "thank you", instead !
>
>
> I have of course a double heart in this situation, but I am sure this is
> not a good way, to work together.
>
Jan, you don't live in a question-free zone. No one's actions in this
project are immune from other project members expressing opinions or
asking questions. Understanding that and accepting that is a good way
to work together.
And thanks for your efforts. They are, as always, greatly appreciated.
-Rob
> rgds
> jan I.
>
>
>
>>
>> were you have href="http://www.openoffice.org/some_resource", it should
>> be href="/some_resource" (nothing crazy, but a good practice).
>>
>> Grepping href=["']http://www.openoffice.org/ gives 25,026 matches.
>>
>>
>> Regards
>> --
>> Ariel Constenla-Haile
>> La Plata, Argentina
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by janI <ja...@apache.org>.
On 27 October 2013 02:58, Ariel Constenla-Haile <ar...@apache.org> wrote:
> On Sat, Oct 26, 2013 at 09:30:06PM -0400, Rob Weir wrote:
> > On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
> > <ar...@apache.org> wrote:
> > > On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> > >> Hi.
> > >>
> > >> www.openoffice.org now accept both http: and https: as announced
> > >> earlier.
> > >>
> > >> We have however seen that e.g. product.css contain image tag with
> > >> http://xxx. All references must be relative (without http: and
> > >> https:). I hope the web admins can do make the needed changes.
> > >
> > > There are 26,349 matches of "http://www.openoffice.org/" in
> > > ooo-site.
> > >
> >
> > We *are not* going to change to a system that requires that links to
> > www.openoffice.org are all https. I hope that is not what is being
> > suggested. Remember, we have 10's of thousands of *external* links to
> > our website that we do control and cannot change.
> >
> > Please someone, tell me that this is not what is being suggested here.
>
No its not, as I wrote in the part you quote, www.openoffice.org will
continue to have https: but also https: as pr request from the project.
But if I might remind you sent a mail to infra, asking why https: was not
implemented for www.openoffice.org, which I and pctony responded to.
And if you look at INFRA-6608, you will see a comment from andrea 3 August:
"And we will want to use it, even though there is no authentication there,
for
http(s)://www.openoffice.org
(this is mainly because we receive a steady, even if low, amount of
complaints from users who cannot browse our main site on HTTPS). "
We infra have done exactly as the project asked us to do according to
INFRA-6608, and that is not correct ??
I actually never understood why https: was wanted on www.openoffice.org,
but it was not a problem to do it, so it was done.
today is a day where I am less proud of being AOO-PMC. We (AOO) have been
after infra to get a certificate and get it implemented. Yesterday mark
took a big chunk of time and with some help from me, got it implemented. I
think infra should have a "thank you", instead !
I have of course a double heart in this situation, but I am sure this is
not a good way, to work together.
rgds
jan I.
>
> were you have href="http://www.openoffice.org/some_resource", it should
> be href="/some_resource" (nothing crazy, but a good practice).
>
> Grepping href=["']http://www.openoffice.org/ gives 25,026 matches.
>
>
> Regards
> --
> Ariel Constenla-Haile
> La Plata, Argentina
>
Re: call for help to test AOO www and AOO wiki (certificates for
*.o.o)
Posted by Ariel Constenla-Haile <ar...@apache.org>.
On Sat, Oct 26, 2013 at 09:30:06PM -0400, Rob Weir wrote:
> On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
> <ar...@apache.org> wrote:
> > On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> >> Hi.
> >>
> >> www.openoffice.org now accept both http: and https: as announced
> >> earlier.
> >>
> >> We have however seen that e.g. product.css contain image tag with
> >> http://xxx. All references must be relative (without http: and
> >> https:). I hope the web admins can do make the needed changes.
> >
> > There are 26,349 matches of "http://www.openoffice.org/" in
> > ooo-site.
> >
>
> We *are not* going to change to a system that requires that links to
> www.openoffice.org are all https. I hope that is not what is being
> suggested. Remember, we have 10's of thousands of *external* links to
> our website that we do control and cannot change.
>
> Please someone, tell me that this is not what is being suggested here.
were you have href="http://www.openoffice.org/some_resource", it should
be href="/some_resource" (nothing crazy, but a good practice).
Grepping href=["']http://www.openoffice.org/ gives 25,026 matches.
Regards
--
Ariel Constenla-Haile
La Plata, Argentina
Re: call for help to test AOO www and AOO wiki (certificates for *.o.o)
Posted by Rob Weir <ro...@apache.org>.
On Sat, Oct 26, 2013 at 5:05 PM, Ariel Constenla-Haile
<ar...@apache.org> wrote:
> On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
>> Hi.
>>
>> www.openoffice.org now accept both http: and https: as announced earlier.
>>
>> We have however seen that e.g. product.css contain image tag with http://xxx.
>> All references must be relative (without http: and https:). I hope the web
>> admins can do make the needed changes.
>
> There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
>
We *are not* going to change to a system that requires that links to
www.openoffice.org are all https. I hope that is not what is being
suggested. Remember, we have 10's of thousands of *external* links to
our website that we do control and cannot change.
Please someone, tell me that this is not what is being suggested here.
-Rob
>
> Regards
> --
> Ariel Constenla-Haile
> La Plata, Argentina
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org
Re: call for help to test AOO www and AOO wiki (certificates for
*.o.o)
Posted by Ariel Constenla-Haile <ar...@apache.org>.
On Sat, Oct 26, 2013 at 10:54:59PM +0200, janI wrote:
> Hi.
>
> www.openoffice.org now accept both http: and https: as announced earlier.
>
> We have however seen that e.g. product.css contain image tag with http://xxx.
> All references must be relative (without http: and https:). I hope the web
> admins can do make the needed changes.
There are 26,349 matches of "http://www.openoffice.org/" in ooo-site.
Regards
--
Ariel Constenla-Haile
La Plata, Argentina