Last modified: 2013-12-07 00:10:24 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T58485, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 56485 - Catches non-http/https links, but cannot whitelist them via MediaWiki:Captcha-addurl-whitelist
Catches non-http/https links, but cannot whitelist them via MediaWiki:Captcha...
Status: RESOLVED FIXED
Product: MediaWiki extensions
Classification: Unclassified
ConfirmEdit (CAPTCHA extension) (Other open bugs)
master
All All
: Normal normal with 1 vote (vote)
: ---
Assigned To: Brad Jorsch
https://en.wikipedia.org/wiki/Wikiped...
:
: 57468 (view as bug list)
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-11-01 19:29 UTC by Brad Jorsch
Modified: 2013-12-07 00:10 UTC (History)
3 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Brad Jorsch 2013-11-01 19:29:44 UTC 
The ConfirmEdit extension allows for local wikis to whitelist links using [[MediaWiki:Captcha-addurl-whitelist]]. But this only allows for whitelisting http and https links, even though the extension will trigger a captcha for any protocol.

The question here is twofold:
1. Should ConfirmEdit trigger captchas for other types of links in the first place?
2. If so, how can we extend [[MediaWiki:Captcha-addurl-whitelist]] to allow these to be whitelisted?

Personally, I'm inclined to answer "yes" and "Perhaps add flags like in [[MediaWiki:TitleBlacklist]], one of which would indicate that this line should not be prefixed with /^https?:\/\/+[a-z0-9_\-.]*/"
Comment 1 Dan Garry 2013-11-12 15:34:08 UTC 
(In reply to comment #0)
> Personally, I'm inclined to answer "yes" and "Perhaps add flags like in
> [[MediaWiki:TitleBlacklist]], one of which would indicate that this line
> should not be prefixed with /^https?:\/\/+[a-z0-9_\-.]*/"

This sounds sensible to me.
Comment 2 torty3 2013-11-23 01:11:30 UTC 
*** Bug 57468 has been marked as a duplicate of this bug. ***
Comment 3 torty3 2013-11-23 01:13:34 UTC 
Should have checked the bug list beforehand. This above modification would be much appreciated.

--

On the English Wikivoyage, we have added tel:// protocol links to phone numbers
so that users can dial through on their mobile phones. However, since tel://
links are considered external links, all new phone numbers added now require a
CAPTCHA to be filled.

I checked MediaWiki:Captcha-addurl-whitelist, but it seems that it is
restricted to HTTP/HTTPS. Is it possible to modify it to accept tel:// links,
and maybe even geo:// links?
Comment 4 Gerrit Notification Bot 2013-11-23 18:29:32 UTC 
Change 97317 had a related patch set uploaded by Anomie:
Allow 'noprotocol' option in captcha-addurl-whitelist

https://gerrit.wikimedia.org/r/97317
Comment 5 torty3 2013-11-24 13:07:58 UTC 
Thanks for the quick patch.

To confirm, the regex for whitelisting tel: links would be something along the lines of - 

tel <noprotocol> ?
Comment 6 Brad Jorsch 2013-11-24 19:34:35 UTC 
I had it on my todo list since November 1, and your comment coincidentally came at the same time I found the combination of volunteer time and motivation to work on it ;)

I'd use "tel:// <noprotocol>", or "tel: <noprotocol>" if the links don't use the //.
Comment 7 Gerrit Notification Bot 2013-12-06 17:54:04 UTC 
Change 97317 merged by jenkins-bot:
Allow 'noprotocol' option in captcha-addurl-whitelist

https://gerrit.wikimedia.org/r/97317
Comment 8 Brad Jorsch 2013-12-06 17:59:34 UTC 
Change merged. It should be deployed to WMF wikis with 1.23wmf7, see https://www.mediawiki.org/wiki/MediaWiki_1.23/Roadmap for the schedule.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links