Page MenuHomePhabricator

Implement a prototype JavaScript review system for MediaWiki
Open, LowPublic


MediaWiki allows interface administrators to customize site behavior by adding custom JavaScript and CSS. This feature implicitly assumes that interface administrators are trusted users - while this is true for projects such as Wikipedia, it results in problems on shared installs or wiki hosting services, where it is possible to create a new wiki and add malicious site JS that can then be used to take over accounts with global rights that visit the page.

At Wikia, a JavaScript review system is provided by MediaWiki extension ContentReview which ensures that changes made to site JS are not live for other users until they have been approved by someone with appropriate rights. The goal of this project is to create a prototype that implements the basic functionality of the Wikia ContentReview extension while being compatible with the latest versions of core MediaWiki.


  • Edits made to JavaScript pages have to be submitted for review.
  • Reviewers may approve or reject submitted edits.
  • If an edit is approved, the changes will be visible to all users of the site.
  • Changes made in unsubmitted, pending, and rejected edits do not affect users of the site.

Event Timeline

A few notes on how we can progress from here:

Reviews in the current prototype are atomic (1 click approve/reject). We should probably introduce In Review state as found in the original Wikia ContentReview extension, where the reviewer starts a review before approving or rejecting a revision. Then we can also tie any automatic review processes (linter, CI build) to the review start event.

Qgil subscribed.

(I hope the cookie is not misinterpreted, I just wanted to say Thank You for working on this!)

Going by the list of open farms with most sysops ( ), I wonder if any of them (e.g. (Gamepedia, Referata, Uncyclomedia, Miraheze, Brickimedia) has a similar use case, i.e. wikis where the admins aren't necessarily trusted to be in good faith and where somebody would be interested in handling a central queue of JavaScript changes.

If I understand correctly, TK-999 is looking for at least one non-Wikimedia farm interested in trying his extension, so that he can ascertain its usefulness and be guided in its further development.

On Gamepedia we use a vetting process before giving people administrator level access and we actively engage with the administrators in our IRC/Slack channels. However, an extension like this would be useful once the number of wikis/admins grow past what is reasonable to handle. As for taking over accounts we have our own AuthenticationProvider and SessionProvider that more or less mitigates those possibilities.(I won't say it is impossible though!)

While I want to give TK-999's extension a try on our stack I know it will be blocked by our(Amazon's) legal acceptance process. GPL-3.0 licensed projects/extensions are unfortunately prohibited.

Side note: I see that MW 1.29 or higher is required. I just finished merging MW 1.29-rc0 into a Hydra testing branch yesterday. It could one to two months before it actually goes out to live servers so it would be a while before we could actually test it assuming I could get an exception granted for the GPL-3.0 licensing policy.

Aklapper lowered the priority of this task from Medium to Low.Mar 7 2023, 8:43 AM