Bug 322249

Summary: Please let the Wikipedia applet use HTTPS
Product: [Applications] amarok Reporter: Tomasz Kaźmierczak <tomek-k>
Component: Context View/WikipediaAssignee: Amarok Developers <amarok-bugs-dist>
Status: RESOLVED FIXED    
Severity: wishlist CC: stuffcorpse
Priority: NOR    
Version: unspecified   
Target Milestone: 2.8   
Platform: Other   
OS: All   
Latest Commit: http://commits.kde.org/amarok/b773bc838147a45c8c9a8e4c9a3ba8cf2338abab Version Fixed In: 2.9
Sentry Crash Report:

Description Tomasz Kaźmierczak 2013-07-11 17:29:29 UTC 
Please make it possible for Amarok to connect to Wikipedia securely.

This should be fairly simple, given that, for some time now Wikipedia provides access through HTTPS using standard URLs (eg. https://en.wikipedia.org/wiki/Wikipedia, contrary to the situation some time ago, when one could access Wikipedia securely only using the secure.wikimedia.org domain).

Reproducible: Always

Steps to Reproduce:
1. Play a song in Amarok
Actual Results:  
It uses plain HTTP protocol to retrieve Wikipedia article on the played song (artist/album/etc.)

Expected Results:  
There should be an option (preferably turned on by default) to use the HTTPS protocol instead of HTTP.
Comment 1 Mark Kretschmann 2013-07-11 17:57:28 UTC 
I think we could do this. A question out of curiosity though: As there is no personal or sensitive data being transferred, what's the benefit?
Comment 2 Tomasz Kaźmierczak 2013-07-11 18:34:45 UTC 
More privacy:)
Yes - there is no sensitive data being sent, but I wouldn't agree on the point about personal data - when you listen to your music, the Wikipedia applet transfers information through the Internet about your music preferences. And your Internet provider also knows your personal data.

This can be an issue when, for example, some mobile carrier listens to your network traffic and then profiles you for targeted ad campaigns. Personally I've been attacked by my mobile carrier with ads of antivirus software after using my mobile phone to connect to the website of my bank ("secure your mobile online banking with this great antivirus software for your phone"). Sure that they couldn't listen to the encrypted traffic in this particular case (and the domain name of the website was enough for them to know I'm connecting to an online banking site), but you never know how far they are willing to go with unencrypted traffic. When you browse Wikipedia securely, they don't know what articles you're reading, so this would be enough protection of your privacy in this particular case.
Comment 3 Frank Meerkötter 2013-09-13 20:38:39 UTC 
Git commit 284342b48dc32341c3553fd2b0ee5069d75b58f9 by Frank Meerkötter.
Committed on 12/09/2013 at 19:44.
Pushed by fmeerkoetter into branch 'master'.

Enable Wikipedia over SSL.

This patch makes SSL the default. It also adds a checkbox to disable
it so if there would be a problem a fallback to HTTP is possible.
REVIEW: 112706
FIXED-IN: 2.9

M  +6    -0    src/context/applets/wikipedia/WikipediaApplet.cpp
M  +1    -0    src/context/applets/wikipedia/WikipediaApplet_p.h
M  +9    -2    src/context/applets/wikipedia/wikipediaGeneralSettings.ui
M  +15   -3    src/context/engines/wikipedia/WikipediaEngine.cpp

http://commits.kde.org/amarok/284342b48dc32341c3553fd2b0ee5069d75b58f9
Comment 4 vedant agarwala 2014-05-21 10:40:35 UTC 
Git commit b773bc838147a45c8c9a8e4c9a3ba8cf2338abab by Vedant Agarwala, on behalf of Frank Meerkötter.
Committed on 12/09/2013 at 19:44.
Pushed by vedanta into branch 'tagguessing'.

Enable Wikipedia over SSL.

This patch makes SSL the default. It also adds a checkbox to disable
it so if there would be a problem a fallback to HTTP is possible.
REVIEW: 112706
FIXED-IN: 2.9

M  +6    -0    src/context/applets/wikipedia/WikipediaApplet.cpp
M  +1    -0    src/context/applets/wikipedia/WikipediaApplet_p.h
M  +9    -2    src/context/applets/wikipedia/wikipediaGeneralSettings.ui
M  +15   -3    src/context/engines/wikipedia/WikipediaEngine.cpp

http://commits.kde.org/amarok/b773bc838147a45c8c9a8e4c9a3ba8cf2338abab