Display of transcluded templates
- Unless it is a banking website or there is another good reason, it is usually better to use the non secure version of a website (http) rather than (https). This is because the padlock symbol for the secure version is both larger and more obtrusive and gives less of the visual clue that it is a hyperlink. Also, there are often problems with security certificates that may hinder the traveller. In the case of a link to Wikipedia - which this template employed - there is rarely a requirement to have a secure link.
- There is a definite server lag between a template that is used on as many pages as this one being changed, and the effects of the change being implemented.
- Also, if you have looked at the page before, their may be the previous version of the transclusion stored in your browser cache, so you may need to flush your cache to see the effects of the change... --18.104.22.168 17:46, 16 February 2014 (EST)
- Secure sites Using HTTPS is always a good idea. Encrypted communications help protect users' privacy and freedom. While it is certainly possible that Wikipedia's security certificate could be revoked, it doesn't seem very likely. Do you know of any problems with the template invoking HTTP on pages still? I know that there are several technical quirks here... Koavf (talk) 23:38, 16 February 2014 (EST)
- If you read Edward Snowden's revelations about the US's National Security Agency and the UK's GCHQ snooping, then it's debatable how much security there is over the internet. Why would you need a secure connection just to look at a Wikipedia article on IATA codes any way?
- And I did not mean security certificate being revoked but that's really subsidiary to the main difficulty that we need to change our code so that there is an equal visual clue that readers are going to be taken away from this site.
- It does not affect my main argument about visual clues, but currently an https connection to Wikipedia puts up a warning message on my browser of "You are connected to wikipedia.org which is run by (unknown)". --Ttcf (talk) 00:26, 17 February 2014 (EST)
- This edit, with the edit comment of "please don't change templates and policy pages without community and admin consensus" made the following substantive changes:
- 1) It changed the Wikipedia link from the page that actually has the codes useful to the traveller to a page explaining what IATA, the association, is, how it functions and its history. I believe this change is less helpful for travellers.
- 2) Contrary to our established policy stated at Wikitravel:Links_to Wikipedia#Different subject of "The alternative style of putting a colon in front of the "WikiPedia", like this: [[:WikiPedia:Article title on Wikipedia]] is strongly deprecated and is not permitted in the Main namespace", the linking style was changed to the deprecated style so that no signal at all is given to the traveller that they are going to leave this site when they click the link (rather than go to another page on this site - an internal link).
- 3) The example of what the template actually produces was removed.
- I have asked the IBadmin who made these changes to explain her reasoning on this. --Ttcf (talk) 14:25, 18 February 2014 (EST)
Secure sites "Why would you need a secure connection just to look at a Wikipedia article on IATA codes any way?" I can imagine how (e.g.) if you're in Saudi Arabia and you are maybe thinking of visiting Israel, you would want that information encrypted on your device. Koavf (talk) 01:37, 26 February 2014 (EST)
- Ssssshhhhh, don't tell the well-financed spooks of the Kingdom's intelligence services about Komodia’s SSL Decoder/Digestor, the Israeli tourist board might complain...
- Some more light reading: How is SSL hopelessly broken? Let us count the ways.., Why Apple's 25 February 2014 Security Flaw Is So Scary...
- A telling quote: "... This sort of subtle bug deep in the code is a nightmare. I believe that it's just a mistake and I feel very bad for whomever might have slipped in an editor and created it....The NSA mines an insane amount of data from every service you use. Nothing is sacred. The Washington Post has discovered that the NSA and FBI have teamed up to tap into the servers of nine US tech companies… It doesn't take too much of a stretch of the imagination, though, to draw a few shaky lines between this bug and the NSA's PRISM program. No less an Apple devotee than John Gruber did just that last night, pointing out that the "goto fail;" command first snuck into iOS 6.0, which shipped just a month before Apple was reportedly added to the spy agency's info-snooping PRISM program. --Ttcf (talk) 20:12, 26 February 2014 (EST)