Page MenuHomePhabricator
Create Task
Maniphest T246393

Validate Special:Investigate targets in CompareService
Closed, DeclinedPublic
Actions

Description

CompareService::buildUserPredicate assumes that any string that is not a valid IP address or range is a username, and adds it into the query.

Since T245499, a per-target limit is applied, so if any of the targets is an invalid or non-existent user name, the limits for the valid targets will decrease.

This should not usually be a problem, because invalid and non-existent user names will have been filtered out by the UsersMultiselectWidget. However, if the widget is ever bypassed, the CompareSerice should filter out invalid and non-existent user names before building the query.

Related Objects

Event Timeline

Tchanders created this task.Feb 27 2020, 10:46 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 27 2020, 10:46 PM
Niharika moved this task from Untriaged to Triage/To be Estimated on the Anti-Harassment-Team board.Feb 28 2020, 8:21 PM
Niharika subscribed.Mar 4 2020, 10:07 PM

However, if the widget is ever bypassed.

@Tchanders Under what circumstances can that widget be bypassed?

Tchanders added a comment.Mar 4 2020, 10:28 PM

@Niharika It shouldn't be bypassed in practice. This should only be a problem e.g. if we add an API, or call it directly in a test.

Niharika triaged this task as Low priority.Mar 4 2020, 10:34 PM
In T246393#5943312, @Tchanders wrote:

@Niharika It shouldn't be bypassed in practice. This should only be a problem e.g. if we add an API, or call it directly in a test.

Got it! Thanks. That helps me prioritize this.

phuedx moved this task from Triage/To be Estimated to Untriaged on the Anti-Harassment-Team board.Oct 18 2021, 1:51 PM
phuedx moved this task from Untriaged to CheckUser on the Anti-Harassment-Team board.Oct 18 2021, 2:54 PM
Dreamy_Jazz moved this task from Inbox to Investigate on the CheckUser board.Jul 16 2022, 11:59 PM
TAdeleye_WMF edited projects, added Trust and Safety Product Team; removed Anti-Harassment-Team.May 14 2024, 4:16 PM
Dreamy_Jazz closed this task as Declined.Aug 6 2025, 12:59 PM
Dreamy_Jazz subscribed.

It shouldn't be bypassed in practice. This should only be a problem e.g. if we add an API, or call it directly in a test.

Therefore, I think we should decline this because:

  • I don't think we would add an API
  • I don't see an issue if it's bypassed in tests

Furthermore, active development work on Special:Investigate has stopped.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits