Wiki Miss offer Secure Connection while the connection over Onion

languages/i18n/en.json: “userlogin-signwithsecure”: “Use secure connection”,

userlogin-signwithsecure

https://doc.wikimedia.org/mediawiki-core/master/php/LoginSignupSpecialPage_8php_source.html

includes/specialpage/LoginSignupSpecialPage.php

            if ( $this->mSecureLoginUrl ) {
                    $secureLoginLink = Html::element( 'a', [
                            'href' => $this->mSecureLoginUrl,
                            'class' => 'mw-ui-flush-right mw-secure',
                    ], $this->msg( 'userlogin-signwithsecure' )->text() );
            }

I guess to avoid userlogin-signwithsecure being injected into the html we would need to influence the contents of variable mSecureLoginUrl.