Merge lp:~davidc3/unity-scope-reddit/new-ssl-uri into lp:unity-scope-reddit

Proposed by David Callé on 2014-04-26
Status: Merged
Approved by: David Callé on 2014-05-02
Approved revision: 6
Merged at revision: 5
Proposed branch: lp:~davidc3/unity-scope-reddit/new-ssl-uri
Merge into: lp:unity-scope-reddit
Diff against target: 12 lines (+1/-1)
1 file modified
src/unity_reddit_daemon.py (+1/-1)
To merge this branch: bzr merge lp:~davidc3/unity-scope-reddit/new-ssl-uri
Reviewer Review Type Date Requested Status
David Callé Approve on 2014-05-02
PS Jenkins bot continuous-integration Approve on 2014-05-02
Simon Davy Approve on 2014-05-02
Chris Wayne 2014-04-26 Approve on 2014-04-27
Review via email: mp+217342@code.launchpad.net

Commit message

New API uri

Description of the change

New API uri

To post a comment you must log in.
PS Jenkins bot (ps-jenkins) wrote :

FAILED: Continuous integration, rev:5
No commit message was specified in the merge proposal. Click on the following link and set the commit message (if you want a jenkins rebuild you need to trigger it yourself):
https://code.launchpad.net/~davidc3/unity-scope-reddit/new-ssl-uri/+merge/217342/+edit-commit-message

http://jenkins.qa.ubuntu.com/job/unity-scope-reddit-ci/9/
Executed test runs:
    SUCCESS: http://jenkins.qa.ubuntu.com/job/unity-scope-reddit-saucy-amd64-ci/9
    SUCCESS: http://jenkins.qa.ubuntu.com/job/unity-scope-reddit-saucy-armhf-ci/9
    SUCCESS: http://jenkins.qa.ubuntu.com/job/unity-scope-reddit-saucy-i386-ci/9

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/unity-scope-reddit-ci/9/rebuild

review: Needs Fixing (continuous-integration)
Chris Wayne (cwayne18) wrote :

LGTM

review: Approve
David Callé (davidc3) wrote :

Thanks Chris, but before merging, I'm reaching to Reddit to get a definitive answer on their ssl API, this one appears to be redirecting to http anyway.

review: Needs Information
Olli Ries (ories) wrote :

what about the cert check, suggested by Marc? Ben's comments in the bug also seem to indicate that simply changing the URL won't fix it.

6. By David Callé on 2014-05-02

Last week of research shows that no proper ssl reddit uri exists today for non-authenticated API calls. Switching to http for the server->reddit talk, user to server is -as always- https

Simon Davy (bloodearnest) :
review: Approve
Simon Davy (bloodearnest) wrote :

> what about the cert check, suggested by Marc? Ben's comments in the bug also
> seem to indicate that simply changing the URL won't fix it.

It will provide unauthenticated encryption, which is better than no encryption. Only prevents casual eavesdropping, not MITM, but that fix is bit more involved.

review: Approve
David Callé (davidc3) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'src/unity_reddit_daemon.py'
2--- src/unity_reddit_daemon.py 2013-09-24 22:21:01 +0000
3+++ src/unity_reddit_daemon.py 2014-05-02 10:15:40 +0000
4@@ -30,7 +30,7 @@
5
6 GROUP_NAME = 'com.canonical.Unity.Scope.Info.Reddit'
7 UNIQUE_PATH = '/com/canonical/unity/scope/info/reddit'
8-SEARCH_URI = 'https://reddit.com/'
9+SEARCH_URI = 'http://reddit.com/'
10 SEARCH_HINT = _('Search Reddit')
11 NO_RESULTS_HINT = _('Sorry, there are no subreddits that match your search.')
12 PROVIDER_CREDITS = _('Powered by Reddit')

Subscribers

People subscribed via source and target branches

to all changes: