Page MenuHomePhabricator
Create Task
Maniphest T115685

[Citation Bot] Tracking: Convert Citation bot's gadget feature to work via API rather than click-jacking [AOI]
Closed, ResolvedPublic
Actions

Description

Change how https://en.wikipedia.org/wiki/MediaWiki:Gadget-citations.js works so that it makes an API request to the Tool Labs code rather than using a click-jacking hack.

Component tasks:

  • Change the gadget code so it makes some sort of API request (possibly XHR, but that may run into same-origin problems). The gadget should submit either the article text or article title (as is done with doibot.html) and should get back the updated wikitext of the article. It should then load an edit window with the resulting edit summary and page text. This should be relatively easy for someone who's good with onwiki JS, but probably considerably harder for someone who's learning.
  • Change the backend code so that there is an appropriate web API to contact. It's probably best to write a new script to handle this; doibot.php is close in functionality and is a sort of API, but the script is mixed up with the page output and won't be easy to add to. The basic logic of this should be easy, while the surrounding code to set this up may be a bit trickier.

Acceptance criteria: same functionality (click the Citations button, get a diff-style edit window containing the expanded article), but now works with NoScript or a similar XSS-blocker enabled.

This will be a very good task to pair on, especially for the front-end portions. @Fhocutt knows how Citation bot goes together, while @kaldari and @NiharikaKohli have more JS and gadget experience.

Related Objects
Search...

Event Timeline

kaldari created this task.Oct 16 2015, 5:38 AM
kaldari raised the priority of this task from to Needs Triage.
kaldari updated the task description. (Show Details)
kaldari added a project: Community-Tech.
kaldari subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 16 2015, 5:38 AM
kaldari moved this task from New & TBD Tickets to Older: Team Work on the Community-Tech board.Oct 16 2015, 5:38 AM
kaldari added a subscriber: Fhocutt.

@Fhocutt: Could you provide a slightly more fleshed-out description for this task and also give us a rough estimate of how much work would be involved so that we can decide if it's worth moving into the sprint?

kaldari renamed this task from Convert Citation bot's gadget feature to work via API rather than click-jacking to [AOI][Citation Bot] Convert Citation bot's gadget feature to work via API rather than click-jacking.Oct 16 2015, 5:40 AM
kaldari set Security to None.
Fhocutt updated the task description. (Show Details)Oct 23 2015, 3:10 AM
Fhocutt added a subscriber: Niharika.
kaldari added a comment.Oct 23 2015, 5:16 AM

If there are same-origin problems, you should be able to work around them by using JSONP, which is supported by $.ajax().

kaldari triaged this task as Low priority.Oct 23 2015, 6:05 PM
kaldari added a project: Community-Tech-Sprint.
kaldari added a comment.Oct 23 2015, 6:51 PM

Assessment for prioritization:
Support: Low/Medium (no one has asked for this explicitly, but improving Citation bot was asked for in the AOI survey)
Feasibility: Medium/Difficult (not trivial to implement, may require reorganizing some of the existing code, may have to work around same-origin restriction)
Impact: Low (mostly works for now, but this will make it work in more browsers and be more future-proof, enwiki only)
Risk: Medium (requires a fair bit of refactoring which could break things or require more work than expected)

Priority: Low

Fhocutt added a project: Tracking-Neverending.Oct 27 2015, 1:57 AM
kaldari renamed this task from [AOI][Citation Bot] Convert Citation bot's gadget feature to work via API rather than click-jacking to [AOI][Citation Bot] Tracking: Convert Citation bot's gadget feature to work via API rather than click-jacking.Oct 27 2015, 5:36 PM
kaldari removed a project: Community-Tech-Sprint.
kaldari moved this task from Older: Team Work to Older: Tracking Work by Others on the Community-Tech board.
DannyH renamed this task from [AOI][Citation Bot] Tracking: Convert Citation bot's gadget feature to work via API rather than click-jacking to CB5. [AOI][Citation Bot] Tracking: Convert Citation bot's gadget feature to work via API rather than click-jacking.Oct 27 2015, 5:39 PM
DannyH renamed this task from CB5. [AOI][Citation Bot] Tracking: Convert Citation bot's gadget feature to work via API rather than click-jacking to [Citation Bot] Tracking: Convert Citation bot's gadget feature to work via API rather than click-jacking [AOI].Oct 28 2015, 7:05 PM
DannyH closed subtask T116698: [Citation bot] Create a web API for Citation bot that returns expanded wikitext [AOI] as Resolved.Nov 16 2015, 6:24 PM
kaldari closed subtask T116708: [Citation bot] Modify Citation bot's gadget to get expanded text/edit summary through API call [AOI] as Resolved.Nov 20 2015, 4:36 PM
Fhocutt closed this task as Resolved.Dec 4 2015, 7:18 PM
DannyH moved this task from Older: Tracking Work by Others to Archive on the Community-Tech board.Dec 8 2015, 6:54 PM
Liuxinyu970226 moved this task from Tag to Transition completed / Archived on the Tracking-Neverending board.Feb 22 2019, 7:10 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits