Page MenuHomePhabricator

Please add iCloud.com and other online storage hosts to the wgCopyUploadsDomains whitelist of Wikimedia Commons
Closed, DeclinedPublic

Description

I would like to request that photos.google.com, one.google.com, google.com/drive, dropbox.com, onedrive.live.com and icloud.com be added to the whitelist for upload_by_url tasks.

I take many pictures of architecture, historic places, monuments, landscape and nature which are automativally uploaded from my smart phone to GooglePhotos, Dropbox and mostly to the iCloud. Obviously it is a pain to upload photos directly from the smartphone, having to enter all descriptions with my thumb on the tiny screen keyboard. Also I don't want to use my limited bandwidth and hard disk capacity to download all photos from the cloud to the desktop computer (which is also broken at the moment) in order to be able to re-upload them all to Commons. I am surprised that there seems to be no easy method of uploading in bulk from the smartphone and later adding filenames and file descriptions from the tablet or desktop computer.

With the upload-by-url function I am hoping to be able to upload directly from cloud storage. Is that correct?

Best regards and thank you. 

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 8 2018, 12:45 AM
4nn1l2 added a subscriber: 4nn1l2.Dec 8 2018, 12:56 AM

Hi @KaiKemmann. Do you want to work on this task or I can claim this task?

And, how are these storages be free license licensed?

As far as I know, usually websites which host files under free licenses are added to the whitelist. But these domains can host anything, basically.
(Maybe https://commons.wikimedia.org/wiki/Commons:Upload_tools/wgCopyUploadsDomains and/or https://commons.wikimedia.org/wiki/Commons:Upload_tools#Upload_by_URL need a better explanation of scope because I'm not sure that's a 'rule' or not.)

I am really not very familiar with the procedures and mostly just looking for a way to efficiently upload from a smart phone.

But I understand the "upload_by_url" function is only available to users with special functions ("Image reviewers, Admins, GWToolset users, Extended uploaders") or to reliable users by application.

So having a whitelist for the sources these supposedly trustworthy users can upload files from might be considered an unnessecary precaution.
But who am I to know about the reasons behind these measurements ...

@Zoranzoki21: I am not sure what "working on a task" involves. I would therefore be happy if you would want to "claim the task" and do with it whatever you deem appropriate.

thanks for your attention,
Kai

Urbanecm removed KaiKemmann as the assignee of this task.Dec 8 2018, 4:01 PM
Urbanecm triaged this task as Low priority.
Urbanecm changed the task status from Open to Stalled.
Urbanecm added a subscriber: Urbanecm.

I unassigned you then. Workng on a task involves completing it. What completing a task is varies per task, in this case, it is needed to upload a patch to operations/mediawiki-config repository and schedule it for deployment.

@Zoranzoki21 I'm marking this as stalled, because I'm not sure if we can proceed. Maybe allowing trusted users to upload from any URL will be better than adding everything somebody wants to the whitelist. I think this deserves some discussion.

From a security point of view, the idea of the whitelist is:

  • to avoid to DDoS external networks from Wikimedia Cluster
  • to avoid the Wikimedia Cluster is DDoSed by external networks

If the domains are as public as usable by any user, that could be a source for a DDoS effort: for example in the past we got the video convert jobs saturated by movies uploads for Wikipedia Zero.

From an usability point of view, those domains are generally protected by login or HTML confirmation from to be able to use them: Google Drive is especially difficult to fetch from (the picture URL won't always work for example).

From a security point of view, the idea of the whitelist is

Is this true? Uploads-via-URL for Commons are already restricted to a pretty small set of users (sysop, extended-uploader, bot, and Image-reviewer). . I'm not sure the defence-in-depth concern is the main reason we have this, but instead as a community policy thing about what sources are valid (which itself seems a bit odd, as the community normally expects trusted users to use their own judgement on such things).

Uploads-via-URL for Commons are already restricted to a pretty small set of users (sysop, extended-uploader, bot, and Image-reviewer).

Now I oppose to the implementation of this request, because upload_by_url right will be granted to all autopatrolled users soon (T214003), so we need to have a cherry-picked whitelist.

Majora added a subscriber: Majora.Feb 5 2019, 4:52 AM
Framawiki closed this task as Declined.Sat, Jun 15, 1:40 PM

This task is about adding to the whitelist servers that allows hosting content from everybody. That means whitelisting any content. In that case, the whitelist is no longer useful, by definition IMO.
It would then be a matter of removing the whitelist restriction. But that would be another task and another set of discussions (feel free to create that one).

Closing as declined.

Restricted Application removed a subscriber: Liuxinyu970226. · View Herald TranscriptSat, Jun 15, 1:40 PM