Make abusefilter on foundationwiki to prevent people accidentally violating our privacy policy
Closed, Resolved · Public

Description

It's been suggested we should make an abusefilter banning adding external scripts to foundationwiki to prevent employees from accidentally violating privacy policy.

Another alternative is enabling CSP whenever that becomes ready.

Bawolff created this task. Mar 1 2017, 10:04 PM
Restricted Application added a subscriber: Aklapper. Mar 1 2017, 10:04 PM
Bawolff closed this task as "Resolved". Mar 1 2017, 10:56 PM
Bawolff assigned this task to ArielGlenn.
Bawolff changed the visibility from "Custom Policy" to "Public (No Login Required)". Mar 5 2017, 10:10 PM

Change 341259 had a related patch set uploaded (by bawolff):
[operations/mediawiki-config] Add a CSP policy to foundationwiki to prevent privacy breach

https://gerrit.wikimedia.org/r/341259

Wouldn't [^>]* have been cleaner?

Sometimes a close tag is missing before the next open tag. I don't care too much one way or the other though.

Change 341259 merged by jenkins-bot:
[operations/mediawiki-config] Add a CSP policy to foundationwiki to prevent privacy breach

https://gerrit.wikimedia.org/r/341259

Mentioned in SAL (#wikimedia-operations) [2017-03-06T14:37:16Z] <addshore@tin> Synchronized wmf-config/CommonSettings.php: SWAT: [[gerrit:341259|Add a CSP policy to foundationwiki to prevent privacy breach]] T159386 (duration: 00m 39s)

Bawolff added a comment. (Edited) Mar 12 2017, 7:30 PM

Hmm. Looks like the testing CSP policy would block the mobile tracking beacon since wikimediafoundation.org is not a valid img-src when viewing from m.wikimediafoundation.org [Or what I'm assuming is the beacon, could be something else]
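
The failure described in the comment above, as an added example that is not part of the original task or of the deployed configuration: a simplified CSP source matcher showing why an image served from wikimediafoundation.org is refused on a page at m.wikimediafoundation.org under `'self'`, and why a `*.` wildcard alone does not cover the apex host. The policy strings, the beacon path and the function names are constructed for illustration; ports and paths are not modelled.

```javascript
// Added example: simplified CSP source matching for image loads.
// Ports and paths are not modelled. Policies and the beacon path are constructed.
function sourceMatches(expr, target, page) {
  if (expr === "'self'") return target.origin === page.origin;
  if (expr === "*") return /^https?:$/.test(target.protocol);
  // scheme-source such as "data:" or "https:"
  if (/^[a-z][a-z0-9+.-]*:$/i.test(expr)) return target.protocol === expr.toLowerCase();
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)/i.exec(expr);
  if (!m) return false;
  // Without a scheme the page's scheme applies; http may upgrade to https.
  const wanted = (m[1] ? m[1] + ":" : page.protocol).toLowerCase();
  const schemeOk = target.protocol === wanted ||
    (wanted === "http:" && target.protocol === "https:");
  if (!schemeOk) return false;
  const host = m[2].toLowerCase();
  // "*.example.org" covers subdomains only, never the apex "example.org".
  if (host.startsWith("*.")) return target.hostname.endsWith(host.slice(1));
  return target.hostname === host;
}

function imgAllowed(policy, pageUrl, imgUrl) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const [name, ...sources] = part.trim().toLowerCase().split(/\s+/);
    if (name && !directives.has(name)) directives.set(name, sources); // first wins
  }
  // img-src falls back to default-src; with neither, images are unrestricted.
  const sources = directives.get("img-src") ?? directives.get("default-src");
  if (sources === undefined) return true;
  const page = new URL(pageUrl), target = new URL(imgUrl);
  return sources.some((s) => sourceMatches(s, target, page));
}

const BEACON = "https://wikimediafoundation.org/beacon-placeholder"; // constructed
const DESKTOP = "https://wikimediafoundation.org/wiki/Home";
const MOBILE = "https://m.wikimediafoundation.org/wiki/Home";
const POLICIES = { // constructed, not the deployed policy
  selfOnly: "default-src 'self'; img-src 'self' data:",
  wildcard: "default-src 'self'; img-src 'self' data: *.wikimediafoundation.org",
  explicit: "default-src 'self'; img-src 'self' data: " +
    "wikimediafoundation.org *.wikimediafoundation.org",
};

for (const [name, policy] of Object.entries(POLICIES)) {
  console.log(name, "desktop:", imgAllowed(policy, DESKTOP, BEACON),
    "mobile:", imgAllowed(policy, MOBILE, BEACON));
}
```

Running a candidate policy against both the desktop and the mobile page origin before switching from report-only to enforcement catches this class of breakage early.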