dumps.wikimedia.org
Open, MediumPublicBUG REPORT
Actions

Assigned To

None

Authored By

	Platonides
	Fri, Nov 15, 1:47 AM

Description

The url http://dumps.wikimedia.org returns a 403:

< HTTP/1.1 403 Forbidden
< Server: nginx/1.18.0
< Date: Fri, 15 Nov 2024 01:31:00 GMT
< Content-Type: text/html
< Content-Length: 153
< Connection: keep-alive
< 
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.18.0</center>
</body>
</html>

Expected behavior:

It should 301 to https://dumps.wikimedia.org

https://dumps.wikimedia.org is already served with

Strict-Transport-Security: max-age=106384710; includeSubDomains; preload

so most clients will already convert http to https (either being baked in their browser or due to having visited it previously) but there's no reason to 403 instead of redirecting with a 301.

The http → https redirect is usually done by HAProxy, but dumps is a bit special in that it serves things directly (there is some background on T306550).