
Copy as wikitext functionality trusts the client and is tightly bound to the client output
Open, Needs Triage, Public

Description

Problem
The "copy as wikitext" functionality that was added in T251361 relies on VisualEditor to convert the HTML from the client's browser into Wikitext for use on other wikis. This is problematic for two reasons:

  1. This mechanism trusts that the client's HTML is correct and that it is neither malicious nor contains sensitive information. For instance, if the user has a browser plugin that modifies the HTML for that user (and perhaps injects sensitive information), that information will be converted into Wikitext and the user may share it unknowingly.
  2. Likewise, trusting the HTML from the client means we are trusting that it is in the expected state. The code sanitizes the input on the client, but it does not account for unknown gadgets, user scripts, or browser plugins that may modify the HTML input. This could result in bugs that are difficult to reproduce and may not even appear for that user (i.e. they may only appear for other users who see the wikitext later).

Normally in this situation it might be acceptable to trust the client, but since the output is meant to be deterministic (i.e. two users should be able to copy the same investigation and get the same wikitext) and is intended to be shared, it seems somewhat risky. In the case of VisualEditor, trusting the client's input is part of the intention of its use, and it is applied to content the client themselves generated (which is not deterministic).

Proposed Solution
Use the PHP version of Parsoid that is included in MediaWiki core to convert the HTML that is generated on the server into Wikitext before sending everything to the client.

Alternatively, we could generate the Wikitext manually (on the server, or with the data from the client), but since Parsoid is available, it seems like the more sensible option to use it.

Event Timeline

@dbarratt I understand the concerns here but I am inclined to mark this task as low priority because we are introducing a brand new special page and I very much doubt there are (or will be anytime soon) any gadgets or plugins that modify the page. Given the time crunch we have right now we should focus on delivering the core features and in the future we can come back to this as a maintenance task.