Implement support for secure transfer protocols (SFTP and/or SCP) [extension fodder]
Categories
(Calendar :: Internal Components, enhancement)
Tracking
(Not tracked)
People
(Reporter: trav, Unassigned)
References
Details
(Whiteboard: [extension fodder])
Comment 1•22 years ago
|
||
Comment 7•22 years ago
|
||
Comment 8•21 years ago
|
||
Comment 9•21 years ago
|
||
Comment 10•20 years ago
|
||
Updated•19 years ago
|
Comment 11•19 years ago
|
||
Updated•17 years ago
|
Comment 13•17 years ago
|
||
Comment 14•17 years ago
|
||
Updated•17 years ago
|
Comment 15•17 years ago
|
||
Comment 16•16 years ago
|
||
Comment 17•16 years ago
|
||
Updated•15 years ago
|
Comment 18•15 years ago
|
||
Comment 19•12 years ago
|
||
Comment 20•6 years ago
|
||
Comment 21•6 years ago
|
||
Before recently, ISP's offered a choice between FTP and sFTP. Because of the new privacy regulations, which makes transferring personal data over insecure connections illegal, my ISP offers no choice any more but forces people to use sFTP. It says to "stop with unsecure FTP access. Update your FTP client settings to sFTP" from April 30th 2019 onwards. See https://www.dds.nl/helpdesk/ftp.php or the automated English translation at https://translate.google.com/translate?sl=nl&tl=en&u=https%3A%2F%2Fwww.dds.nl%2Fhelpdesk%2Fftp.php .
This means, I guess, that Composer cannot be used at this ISP any more for publishing, in one and a half month. But since the new privacy regulations apply all over Europe, it is a growing trend of switching to sFTP only at all ISP's in Europe. This means the end of Composer, if not Seamonkey, on this continent, which makes this bug critical.
Can sFTP in Core and in Composer be implemented on the short term?
Like banks allow online banking only with https:// and not with http://, ISP's are switching now to sftp:// from ftp://. Filezilla knows this protocol, see https://www.dds.nl/helpdesk/cat.php?cat=homepage&id=3 or the automated translation at https://translate.google.com/translate?sl=nl&tl=en&u=https%3A%2F%2Fwww.dds.nl%2Fhelpdesk%2Fcat.php%3Fcat%3Dhomepage%26id%3D3 . So the open source code from FileZilla can be used to implement sFTP.
Updated•6 years ago
|
Updated•6 years ago
|
Updated•6 years ago
|
Updated•6 years ago
|
Comment 22•6 years ago
|
||
Please don't move this around, there was already a decision to WONTFIX this bug and defer to an extension. It is definitely not a core bug. Core has decided not to implement this in bug 39714, if the conditions have changed please file a new bug.
Comment 23•6 years ago
|
||
Johannes Leushuis there are workarounds, you can use sshfs to mount a directory via sftp, or use an sftp client to transfer files when you're ready to publish.
Philipp Kewisch there is a big Publish button in Composer which can only use an insecure protocol. Publishing is core functionality. What if Mail could only use SMTP and not SMTPS? Would you rely on an extension to secure people's mail? No.
I use Composer every day. I believe it adds value to the suite to be a content creator instead of just a content consumer. What is the process for getting this reconsidered (after 17 years! people are still asking for it!) as a roadmap item?
Comment 24•6 years ago
|
||
As mentioned, please check the criteria in bug 39714 and file a new bug if it is met. If core supports these protocols via an URL handler, Lightning can make use of it as well.
Description
•