Page MenuHomePhabricator
Create Task
Maniphest T112500

revert Ifc2454c7f (*.ggpht.com on wgCopyUploadsDomain) after Rijksmuseum done mass upload in 2015-10
Closed, ResolvedPublic
Actions

Description

See T110869

*.ggpht.com is google cloud servers used by many people (including non-free media), so we may want to revert it being allowed on commons (Ifc2454c7) after the glam upload is done.

Its projected this should be done sometime in early october. Contact for the upload project is @Spinster

Personal opinion that other people might not agree with: Its not super time-sensitive that this gets reverted immediately after the glam project is done (although it should be done at some point). Uploading via url is very restricted to certain user groups, so its unlikely anyone at commons is going to abuse this. My understanding is that the primary purpose of the whitelist is in the case of a malicious user in control of the other server trying to exploit bugs in curl, which presumably is less of an issue since google controls these servers and not some unknown party.

Details

ProjectBranchLines +/-Subject
operations/mediawiki-configmaster+0 -1Remove *.ggpht.com from Wikimedia Commons upload whitelist
Customize query in gerrit

Related Objects

Event Timeline

Bawolff created this task.Sep 14 2015, 7:44 AM
Bawolff raised the priority of this task from to Low.
Bawolff updated the task description. (Show Details)
Bawolff added projects: Commons, Wikimedia-Site-requests.
Bawolff added subscribers: Bawolff, Spinster.
Restricted Application added subscribers: Steinsplitter, Matanya, Aklapper. · View Herald TranscriptSep 14 2015, 7:44 AM
JeanFred added a subscriber: JeanFred.Sep 14 2015, 10:48 AM
Aklapper renamed this task from revert Ifc2454c7f (*.ggpht.com on wgCopyUploadsDomain) after Rijksmuseum done mass upload to revert Ifc2454c7f (*.ggpht.com on wgCopyUploadsDomain) after Rijksmuseum done mass upload in 2015-10.Sep 14 2015, 11:11 AM
Aklapper set Security to None.
Steinsplitter moved this task from Incoming to Backlog on the Commons board.Sep 18 2015, 1:16 PM
Glaisher moved this task from Backlog to Working on on the Wikimedia-Site-requests board.Sep 19 2015, 3:45 PM
Glaisher added a subscriber: Glaisher.

Moved to "Working on" so that this doesn't get lost in the backlog.

zhuyifei1999 moved this task from Backlog to Uploading (GWToolset, upload_by_url and server side upload) on the Commons board.Nov 15 2015, 2:21 PM
TTO added a subscriber: TTO.Dec 22 2015, 9:22 AM

Is this project finished?

Mdann52 added a subscriber: Mdann52.Jan 12 2016, 7:19 PM

Pinging @Spinster about the above

Restricted Application added a subscriber: JEumerus. · View Herald TranscriptJan 12 2016, 7:19 PM
Dereckson added subscribers: csteipp, Dereckson.Feb 10 2016, 1:28 AM

@csteipp Should we revert this by the way or keep it if there waiting for another GLAM project using Google Code Engine?

csteipp added a comment.Feb 10 2016, 6:21 PM

@Dereckson, yes, I would recommend delisting that domain once this project is finished.

Dereckson added a comment.Feb 11 2016, 4:15 AM

Okay, I've sent a mail to @Spinster to ask for update.

Spinster added a comment.Feb 11 2016, 9:39 AM

Yes, the upload is finished indeed and the domain can be delisted.

Dereckson claimed this task.Feb 13 2016, 1:17 AM

Thank you for the update.

gerritbot added a subscriber: gerritbot.Feb 13 2016, 1:22 AM

Change 270456 had a related patch set uploaded (by Dereckson):
Remove *.ggpht.com from Wikimedia Commons upload whitelist

https://gerrit.wikimedia.org/r/270456

gerritbot added a project: Patch-For-Review.Feb 13 2016, 1:22 AM
Dereckson moved this task from Working on to To deploy on the Wikimedia-Site-requests board.Feb 13 2016, 1:23 AM
gerritbot added a comment.Feb 16 2016, 4:58 PM

Change 270456 merged by jenkins-bot:
Remove *.ggpht.com from Wikimedia Commons upload whitelist

https://gerrit.wikimedia.org/r/270456

Dereckson closed this task as Resolved.Feb 16 2016, 5:41 PM
Luke081515 moved this task from To deploy to Done on the Wikimedia-Site-requests board.Mar 7 2016, 4:59 PM
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL