Maniphest T156476

Resolve API security issues
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• schana
	Jan 27 2017, 12:35 PM

Tags

Referenced Files

None

Subscribers

Description

It would be nice if trusted data from other servers would be escaped (langauge_pairs, language_to_domain_mappings) or failing that, checked if they contain an apostrophe and throw an exception.

Details

	Subject	Repo	Branch	Lines +/-
	Validate language pairs before use	research/recommendation-api	master	+33 -9

Customize query in gerrit

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved		None	T153846 Resolve security issues
		Resolved		• schana	T148129 Productization of Recommendation API
		Resolved		• schana	T156476 Resolve API security issues

Event Timeline

• schana created this task.Jan 27 2017, 12:35 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 27 2017, 12:35 PM

• schana added a parent task: T148129: Productization of Recommendation API.Jan 27 2017, 12:37 PM

• schana moved this task from Backlog to Next up on the Recommendation-API board.

Change 334622 had a related patch set uploaded (by Nschaaf):
Validate language pairs before use

https://gerrit.wikimedia.org/r/334622

gerritbot added a project: Patch-For-Review.Jan 27 2017, 1:48 PM

• schana moved this task from Next up to In Progress on the Recommendation-API board.Jan 27 2017, 1:49 PM

Change 334622 merged by jenkins-bot:
Validate language pairs before use

https://gerrit.wikimedia.org/r/334622

• schana moved this task from In Progress to For Review on the Recommendation-API board.Jan 27 2017, 2:09 PM

• schana moved this task from For Review to Done on the Recommendation-API board.Jan 27 2017, 2:14 PM

• schana removed a project: Patch-For-Review.

• schana closed this task as Resolved.Jan 27 2017, 5:17 PM