Page MenuHomePhabricator
Create Task
Maniphest T169295

Sanitize MT service output HTML
Closed, ResolvedPublic
Actions

Description

As per the security review T144467: Security review for Google MT for Content Translation we need to sanitize the HTML output from MT engines before it is presented back to translator.

The best way to do this is to reuse the sanitizer in parsoid. But currently the sanitizer is token based and cannot handler directly. It is also not a standalone library.

Following tickets exist to address this general sanitizer requirement though.

We need to know if this tickets are actionable in near future. And if not, fill the gap using a generic good enough HTML sanitizer to address security concerns - an option is DOMPurify.

Details

ProjectBranchLines +/-Subject
mediawiki/services/cxservermaster+29 -4MT: Sanitize HTML output from machine translation services
Customize query in gerrit

Related Objects

Event Timeline

santhosh created this task.Jun 30 2017, 5:05 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 30 2017, 5:05 AM
santhosh mentioned this in T90208: Create Google translate backend for cxserver.Jun 30 2017, 5:06 AM
KartikMistry added a subscriber: KartikMistry.Jun 30 2017, 5:24 AM
Amire80 moved this task from Needs Triage to MT on the ContentTranslation board.Jul 2 2017, 1:04 PM
santhosh claimed this task.Jul 4 2017, 10:35 AM
santhosh triaged this task as Medium priority.
gerritbot added a subscriber: gerritbot.Jul 4 2017, 10:36 AM

Change 363156 had a related patch set uploaded (by Santhosh; owner: Santhosh):
[mediawiki/services/cxserver@master] MT: Sanitize HTML output from machine translation services

https://gerrit.wikimedia.org/r/363156

gerritbot added a project: Patch-For-Review.Jul 4 2017, 10:36 AM
santhosh added a project: Language-2017-July-Sept.Jul 4 2017, 10:36 AM
santhosh moved this task from Backlog to In Review on the Language-2017-July-Sept board.
gerritbot added a comment.Aug 2 2017, 12:40 AM

Change 363156 merged by jenkins-bot:
[mediawiki/services/cxserver@master] MT: Sanitize HTML output from machine translation services

https://gerrit.wikimedia.org/r/363156

Arrbee closed this task as Resolved.Aug 17 2017, 6:39 AM
Nikerabbit moved this task from In Review to Done on the Language-2017-July-Sept board.Aug 22 2017, 7:17 AM
santhosh mentioned this in T144467: Security review for Google MT for Content Translation.Dec 6 2017, 8:38 AM
Petar.petkovic removed a project: Patch-For-Review.Aug 31 2018, 8:27 PM
Petar.petkovic removed a subscriber: gerritbot.
Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL