Page MenuHomePhabricator

Allow 'Muted users' notification preference to support IP ranges
Open, LowPublicFeature

Description

Proposed behavior

If a user provides an IP range as an input in the 'Muted users' preference, all notifications that come from within that IP range should not be delivered to that user.

https://en.wikipedia.org/wiki/Special:Preferences#mw-prefsection-echo

This could either be for just IP edits or both IP + user actions within that IP range. But would this be an area for Privacy concern? a way for bad actors to guess + test notification system.

Event Timeline

just IP edits

This would be good.

both IP + user actions within that IP range

This would be a privacy violation. Any user could find the IP range of any user that sends them notifications.

Xaosflux changed the subtype of this task from "Task" to "Feature Request".

Muting IP ranges would probably add a lot of complexity. T351091: Allow muting all non-permanent users filed today is a slightly different but probably still effective solution.

Change 973858 had a related patch set uploaded (by SD0001; author: SD0001):

[mediawiki/core@master] Add support for IP addresses and ranges in MultiUsernameFilter

https://gerrit.wikimedia.org/r/973858

Muting IP ranges would probably add a lot of complexity. T351091: Allow muting all non-permanent users filed today is a slightly different but probably still effective solution.

It's not too much of complexity as MW already has utilities for parsing and checking IP ranges. The linked alt approach seems too wide, causing too much collateral damage while trying to mute a specific range.

Change 973859 had a related patch set uploaded (by SD0001; author: SD0001):

[mediawiki/extensions/Echo@master] Allow muting IP addresses and ranges

https://gerrit.wikimedia.org/r/973859

If we want to do this for IPs, we should probably start with temp accounts too - per T344647

If we want to do this for IPs, we should probably start with temp accounts too - per T344647

Agreed. Luckily muting temp accounts via Echo preferences is still working - have commented at T344647#9333768

The harassment aspect cannot really be addressed by muting in the long term, because once temp users are enabled, it will be trivial to generate new accounts. Can't harassers simply be blocked? Once we have an incident reporting system in place, it will be easier to figure out how to get help from an admin.