URIs on WDTK pages should be relative

[Flupsy]

Some URIs returned by WDTK are relative, but others are absolute (e.g. 'Sign in or sign up' is http://www.whatdotheyknow.com/profile/sign_in?r=%2F). This means that a simple HTTPS redirect in front of the site won't work because absolute URIs will still use HTTP.

We could rewrite the HTML on the fly, but I'd like to avoid this processing overhead if possible.

[mlandauer]

Working my way through the links on the site and changing them to relative urls (in Rails world using _path rather than _url helpers) with the exception of:

• absolute urls in the admin interface
• absolute urls in the main interface that point to the admin interface

Leaving this so that the proxying setup (which I haven't actually used) for the admin interface will still work. However, if we're going to have the option of serving the whole site over ssl it would be great to not have to support this. Then, we could systematically make the internal links all relative and get rid of main_url (https://github.com/mysociety/alaveteli/blob/develop/app/helpers/link_to_helper.rb#L240), admin_url (https://github.com/mysociety/alaveteli/blob/develop/app/helpers/link_to_helper.rb#L221) and the configuration ADMIN_BASE_URL in config/general.yml

@crowbot what do you think about removing support for the proxying access to the admin interface? (after issue #684 is done)

[frabcus]

+1 for removing the proxying admin access!

With my "back when I wrote it" hat on, it was just to avoid us buying
another SSL certificate.

Nowdays, really the main WhatDoTheyKnow website should be all on
https anyway, like every other site (e.g. right now I'm guessing you
can sniff people's email address when they log into it at an Internet
cafe)

So I propose:

1. mySociety buys an SSL cert for whatdotheyknow.com
2. They move the whole site to use https only.
3. You all get rid of the admin proxying.

Francis

On Tue, Feb 12, 2013 at 08:19:21PM -0800, Matthew Landauer wrote:

Working my way through the links on the site and changing them to relative urls (in Rails world using _path rather than _url helpers) with the exception of:

• absolute urls in the admin interface
• absolute urls in the main interface that point to the admin interface

Leaving this so that the proxying setup (which I haven't actually used) for the admin interface will still work. However, if we're going to have the option of serving the whole site over ssl it would be great to not have to support this. Then, we could systematically make the internal links all relative and get rid of main_url (https://github.com/mysociety/alaveteli/blob/develop/app/helpers/link_to_helper.rb#L240), admin_url (https://github.com/mysociety/alaveteli/blob/develop/app/helpers/link_to_helper.rb#L221) and the configuration ADMIN_BASE_URL in config/general.yml

@crowbot what do you think about removing support for the proxying access to the admin interface?

---

Reply to this email directly or view it on GitHub:
#692 (comment)

[crowbot]

Yep, let's plan to stop proxying once we're able to run the whole site over https. We already have the certificate for this.

[crowbot]

Closed in fc770ee.