Page MenuHomePhabricator
Create Task
Maniphest T230124

Remove all now defunct AddThis gadgets from WMF wikis (previously a violation of the privacy policy)
Closed, ResolvedPublic
Actions

Description

They send user information to a third party site (addthis.com).

Some have been removed, e.g.
https://kk.wikipedia.org/w/index.php?title=%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0%D0%A3%D0%B8%D0%BA%D0%B8:Gadgets-definition&diff=2553369&oldid=2553242

Others remain:

$ mwgrep addthis.com
arwiki              MediaWiki:Gadget-Sharebox.js
avwiki              MediaWiki:Gadget-addThisMain.js
cewiki              MediaWiki:Gadget-addThisArticles.js
cewiki              MediaWiki:Gadget-addThisMain.js
hewikivoyage        MediaWiki:Gadget-Sharebox.js
pswiki              MediaWiki:Gadget-sharebox.js
ruwiki              MediaWiki:Gadget-addThisArticles.js
ruwiki              MediaWiki:Gadget-addThisMain.js
ruwikisource        MediaWiki:Gadget-addThisArticles.js
tgwiki              MediaWiki:Gadget-addThisArticles.js
tgwiki              MediaWiki:Gadget-addThisMain.js
udmwiki             MediaWiki:Gadget-addThisArticles.js
urwiki              MediaWiki:Gadget-sharebox.js

I would imagine these will start breaking once the CSP is enabled (T28508).

Related Objects

Event Timeline

Esanders created this task.Aug 8 2019, 12:06 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 8 2019, 12:06 PM
Esanders updated the task description. (Show Details)Aug 8 2019, 12:10 PM
Aklapper edited projects, added WMF-General-or-Unknown; removed MediaWiki-extensions-Gadgets.Aug 8 2019, 12:16 PM

Removing MediaWiki-extensions-Gadgets as this is not about the PHP extension with that name.

sbassett triaged this task as Medium priority.Aug 8 2019, 1:42 PM
sbassett added a subscriber: JFishback_WMF.
sbassett subscribed.Aug 8 2019, 1:49 PM

Are gadgets expected to fall under the standard Wikimedia privacy policy? I'm not seeing any specific privacy policy just for them, nor am I seeing any exceptional language for them within the standard privacy policy. Though gadgets are fairly similar to user scripts, which often call external resources, and which will indeed break once CSP is set to enforce (whenever that may be.)

Iniquity subscribed.Aug 8 2019, 2:35 PM
Quiddity added subscribers: TheDJ, Quiddity.Aug 8 2019, 3:53 PM

Hmm, I had heard about those, but assumed they were properly setup for privacy. Sigh.
@TheDJ a while ago you working on a related script for this, which would obviously (!) have respected privacy. Maybe you could help advise on a replacement, for these other wikis?

Krenair subscribed.Aug 8 2019, 10:50 PM
In T230124#5402604, @sbassett wrote:

Are gadgets expected to fall under the standard Wikimedia privacy policy? I'm not seeing any specific privacy policy just for them, nor am I seeing any exceptional language for them within the standard privacy policy.

Gadgets are executed in the context of a user's session with all the privileges that implies, I would expect it would fall within the same privacy policy as any MediaWiki-and-extensions-provided JavaScript.

Bawolff subscribed.Aug 8 2019, 11:16 PM
In T230124#5402604, @sbassett wrote:

Are gadgets expected to fall under the standard Wikimedia privacy policy? I'm not seeing any specific privacy policy just for them, nor am I seeing any exceptional language for them within the standard privacy policy. Though gadgets are fairly similar to user scripts, which often call external resources, and which will indeed break once CSP is set to enforce (whenever that may be.)

Not on secteam anymore, but just to give some historical context about how this sort of thing used to be treated- traditionally this sort of thing was considered a big no no if the gadget was default enabled or didnt disclose what was going on. If the gadget informed the user that information was going to a third party and the user had to opt in to use it (as is the case on ru wikipedia, although i didnt check the others) this was considered a grey area. Afaik this was never officially blessed as being ok, but de-facto was considered ok, or at least we turned a blind eye to it.

As for csp - this sort of usecase was one of the reasons why it was planned to allow users to add things to their allow list - to be able to use gadgets to create mash ups from other sites (although there was some debate whether to include scripts in user control allow list). Anyhow im not working on this anymore so up to whomever takes it over for what actually happens, just wanted to provide some background on the thinking at the time

TheDJ added a comment.Aug 9 2019, 6:58 AM

I used to have a sharebox.js userscript yes, and it showed a disclaimer on its documentation page..
https://web.archive.org/web/20190410075542/https://en.wikipedia.org/wiki/User:TheDJ/Sharebox

it has been deleted for years however.
Something like
https://en.wikipedia.org/wiki/Wikipedia:Wikipedia_Signpost/Templates/Signpost-article-header-v2
That is a much less privacy invasive approach (but also has less features).

stjn subscribed.Aug 9 2019, 12:01 PM
In T230124#5404173, @Bawolff wrote:

If the gadget informed the user that information was going to a third party and the user had to opt in to use it (as is the case on ru wikipedia, although i didnt check the others) this was considered a grey area. Afaik this was never officially blessed as being ok, but de-facto was considered ok, or at least we turned a blind eye to it.

I added the warnings in 2017 for both gadgets (addThisArticles, addThisMain) because I considered them problematic, but couldn’t outright remove them since like 1,000 users had them enabled. We had a plan to provide an alternative with privacy in mind, but no one had time to write new scripts. I’m pretty sure other wikis with gadgets in the same name don’t have those warnings, unless the gadgets were imported from Russian Wikipedia after 2017.

JFishback_WMF moved this task from Intake to Backlog on the Privacy board.Mar 24 2020, 3:11 PM
JFishback_WMF added a project: Privacy Engineering.
JFishback_WMF moved this task from Incoming to Backlog on the Privacy Engineering board.
RhinosF1 subscribed.Feb 24 2021, 6:56 PM
Aklapper mentioned this in T275754: Fix (non-default) gadgets loading executable JavaScript from third-party URLs.Apr 20 2021, 9:03 AM
sguebo_WMF mentioned this in T296847: Third-party resources policy.Dec 1 2021, 2:17 PM
Nintendofan885 subscribed.Jan 22 2023, 10:24 AM
Nemo_bis awarded a token.Jun 7 2023, 5:58 PM
Pppery subscribed.Oct 24 2023, 12:26 AM

AddThis has been dead for 6 months. Any gadgets, if they still exist, can just be disabled.

Aklapper renamed this task from AddThis gadgets are a violation of the privacy policy to Remove all now defunct AddThis gadgets from WMF wikis (previously a violation of the privacy policy).Oct 25 2023, 9:48 AM
$:acko\> grep -r "ddthis.c" .
https://av.wikipedia.org/wiki/MediaWiki_Gadget-addThisMain.js:     mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://ce.wikipedia.org/wiki/MediaWiki_Gadget-addThisArticles.js: mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://ce.wikipedia.org/wiki/MediaWiki_Gadget-addThisMain.js:     mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://he.wikivoyage.org/wiki/מדיה_ויקי_Gadget-Sharebox.js:       mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://kk.wikipedia.org/wiki/МедиаУики_Gadget-addThisArticles.js: mw.loader.getScript('//s7.addthis.com/js/250/addthis_widget.js
https://ps.wikipedia.org/wiki/ميډياويکي_Gadget-sharebox.js:        mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://ru.wikipedia.org/wiki/MediaWiki_Gadget-addThisArticles.js: mw.loader.getScript('//s7.addthis.com/js/250/addthis_widget.js
https://ru.wikipedia.org/wiki/MediaWiki_Gadget-addThisMain.js:     mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://ru.wikisource.org/wiki/MediaWiki_Gadget-addThisArticles.js:mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://tg.wikipedia.org/wiki/Медиавики_Gadget-addThisArticles.js: mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://tg.wikipedia.org/wiki/Медиавики_Gadget-addThisMain.js:     mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://udm.wikipedia.org/wiki/MediaWiki_Gadget-addThisArticles.js:mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://ur.wikipedia.org/wiki/میڈیاویکی_Gadget-sharebox.js:        mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://vec.wikipedia.org/wiki/MediaWiki_Gadget-addThisArticles.js:mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
https://vec.wikipedia.org/wiki/MediaWiki_Gadget-addThisMain.js:    mw.loader.load('//s7.addthis.com/js/250/addthis_widget.js
Esanders added a comment.Oct 25 2023, 3:05 PM

Removed from all the Gadgets-definition pages:

Wiki	Page title	Excerpt
ce.wikipedia	MediaWiki:Gadgets-definition	popups[ResourceLoader]|popups.js * addThisArticles[ResourceLoader|type=general|dependencies=mediawiki.util]|addThisArticles.js|addThisArticles.css *
kk.wikipedia	МедиаУики:Gadgets-definition	GoogleTrans[ResourceLoader]|GoogleTrans.js * addThisArticles[ResourceLoader|dependencies=mediawiki.util]|addThisArticles.js|addThisArticles.css == default == *
ru.wikisource	MediaWiki:Gadgets-definition	FlaggedRevs[ResourceLoader]|FlaggedRevs.css * addThisArticles[ResourceLoader|dependencies=mediawiki.util]|addThisArticles.js|addThisArticles.css *
tg.wikipedia	Медиавики:Gadgets-definition	popups[ResourceLoader]|popups.js * addThisArticles[ResourceLoader|type=general|dependencies=mediawiki.util]|addThisArticles.js|addThisArticles.css * HideInfobox|HideInfobox
tt.wikipedia	МедиаВики:Gadgets-definition	util]|Highlightredirects.js * addThisArticles[ResourceLoader|dependencies=mediawiki.util]|addThisArticles.js|addThisArticles.css == users == *
udm.wikipedia	MediaWiki:Gadgets-definition	popups[ResourceLoader]|popups.js * addThisArticles[ResourceLoader|type=general|dependencies=mediawiki.util]|addThisArticles.js|addThisArticles.css == users ==
vec.wikipedia	MediaWiki:Gadgets-definition	js * addThisArticles[ResourceLoader|type=general|dependencies=mediawiki.util]|addThisArticles.js|addThisArticles.css * addThis
Esanders closed this task as Resolved.Oct 25 2023, 3:20 PM
Esanders claimed this task.

Blanked all gadgets.

stjn added a comment.EditedOct 25 2023, 4:26 PM

(you put the wrong link to T349622 in the comment but ultimately it doesn’t matter much; please don’t fix it for ruwiki as I already have requested the deletion of all addthis-related pages)

Esanders added a comment.Oct 26 2023, 9:12 AM
In T230124#9280933, @stjn wrote:

(you put the wrong link to T349622 in the comment but ultimately it doesn’t matter much; please don’t fix it for ruwiki as I already have requested the deletion of all addthis-related pages)

!!

Esanders mentioned this in T349622: [design] Notifications (mw.notify) are a long way from the content on wide screens.Oct 26 2023, 9:13 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits