Currently we pull images (and CentralNotice JS) from http://upload.wikimedia.org even for pages accessed over SSL on https://secure.wikimedia.org/
This has a few problems:
- An attacker on an open network or MITM can see which images you're loading. Creepy!
- A MITM attacker could replace your images with something malicious/nasty (moderately annoying)
- A MITM attacker could replace JS files with something malicious (JavaScript injection -> could take over your session)
We didn't pay too much attention to the image issues originally since existing browsers don't seem to care much about images being loaded from an insecure URL; but Firefox 3.1b2 now complains about this and considers your page to be "mixed" secure/insecure, throwing up a dialog box (at least the first time) and giving you a broken lock icon which indicates an insecure page view, which is worrying.
Ideally we could provide an HTTPS proxy on https://upload.wikimedia.org for maximum convenience; alternately a proxy via https://secure.wikimedia.org/upload or such might be easier to set up in the short term.
The CentralNotice JS issue, which affects existing browsers and is more worrying, could be dealt with by providing an alternate location to access the files or a temporary proxy, or via direct hits to Special:NoticeText.
Version: unspecified
Severity: enhancement
URL: https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page