Page MenuHomePhabricator

Expand spam blacklist to include edit and other summaries
Open, LowPublic

Description

Author: lilewyn

Description:
While the spam blacklist works for article content, it fails to affect edit summaries and log entry reasons. At least one abusive user is utilizing this hole in our defenses.


Version: unspecified
Severity: enhancement
URL: http://meta.wikimedia.org/wiki/Special:Contributions/David_Menbelle

Details

Reference
bz13599

Event Timeline

bzimport raised the priority of this task from to Low.Nov 21 2014, 10:03 PM
bzimport added a project: SpamBlacklist.
bzimport set Reference to bz13599.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Apr 3 2008, 5:10 AM

cometstyles wrote:

Agreed, its a simple trolling bug which really must be fixed, since links to badsites can be abused through this, and the spam filter doesn't really pick this up and possibly creating something like [[MediaWiki:EditSummaryBlacklist]] (just an idea) can fix it...

lilewyn wrote:

Er, I was more intending for this to use the existing spam blacklist and apply it to edit summaries also. Fewer pages to monitor. No reason I can think of to make two separate lists. I proposed this as a change to http://www.mediawiki.org/wiki/Extension:SpamBlacklist

brion added a comment.Apr 3 2008, 10:53 PM

There are no clickable links there, so the blacklist wouldn't apply.

ral315 wrote:

Nevertheless, spammers use edit summaries encouraging users to visit nimp.org (don't actually go there, it's a shock site that'll probably crash your browser). While they're not clickable, it wouldn't be good to have those kind of entries in the history either.

hersfoldwiki wrote:

This is still an issue and could really use some looking into. We've had a few users (who shall go unnamed) go through a temporary lack of common sense and go to these sites, clickable or not. It seems to me this could just use a simple regex scan of the edit summary - it's pretty easy to tell what a link looks like, so it's very unlikely we'd get any false alarms on this.

demon added a comment.Jun 19 2008, 3:15 AM

Partially fixed as of r36439. Log entries aren't scanned yet, but edit summaries now are.

demon removed a subscriber: demon.Mar 9 2017, 9:39 PM