Page MenuHomePhabricator
Create Task
Maniphest T267991

Simple per-IP ratelimit for HTML stashing
Closed, ResolvedPublic
Actions

Description

The stashing feature should be rate limited per-user or per-ip. I guess we could use User::pingLimiter (probably extract the functionality into a MW service object).

Implementation idea:

  • add a checkRateLimit( $action ) method to the Authority interface. Note that $action is similar to but not quite the same as $action on probablyCan() and friends.
  • UserAuthority can implement checkRateLimit by calling User::pingLimiter for now. Eventually, this logic should be factored into a service object.
  • PageHTMLHandler::postValidationSetup should call getAuthority and pass the authority to the ParsoidHTMLHelper.
  • ParsoidHTMLHelper::getHTML should call checkRateLimit( 'stash-base-html' ) on the authroity object.

Details

SubjectRepoBranchLines +/-
WIP: Add support for rate limiting in Authoritymediawiki/coremaster+112 -5
Add rate limiting to ParsoidHTMLHelpermediawiki/coremaster+164 -20
Customize query in gerrit

Related Objects
Search...

Event Timeline

Pchelolo created this task.Nov 16 2020, 11:54 PM
Aklapper added a project: Platform Engineering.Oct 18 2021, 7:42 AM

Adding Platform Engineering as Platform Team Workboards (Green) was archived and as open tasks should have an active project tag

WDoranWMF removed projects: Platform Engineering, Platform Team Workboards (Green).Nov 15 2021, 1:13 PM
daniel triaged this task as High priority.May 24 2022, 8:25 AM
daniel added a project: Platform Team Workboards (MW Expedition).
daniel moved this task from Unsorted pile to VE Backend pile on the Platform Team Workboards (MW Expedition) board.
daniel updated the task description. (Show Details)May 24 2022, 10:08 AM
daniel removed a subscriber: Pchelolo.
gerritbot added a comment.May 30 2022, 12:34 PM

Change 801384 had a related patch set uploaded (by D3r1ck01; author: Derick Alangi):

[mediawiki/core@master] WIP: Add rate limiter for stashing HTML

https://gerrit.wikimedia.org/r/801384

gerritbot added a project: Patch-For-Review.May 30 2022, 12:34 PM
daniel moved this task from VE Backend pile to Doing on the Platform Team Workboards (MW Expedition) board.May 30 2022, 3:07 PM
DAlangi_WMF changed the task status from Open to In Progress.Jun 1 2022, 11:59 AM
gerritbot added a comment.Jun 13 2022, 10:16 AM

Change 805091 had a related patch set uploaded (by Daniel Kinzler; author: Daniel Kinzler):

[mediawiki/core@master] WIP: add rate limiting to ParsoidHTMLHelper

https://gerrit.wikimedia.org/r/805091

gerritbot added a comment.Jun 15 2022, 12:39 PM

Change 805091 merged by jenkins-bot:

[mediawiki/core@master] Add rate limiting to ParsoidHTMLHelper

https://gerrit.wikimedia.org/r/805091

ReleaseTaggerBot added a project: MW-1.39-notes (1.39.0-wmf.17; 2022-06-20).Jun 15 2022, 1:00 PM
daniel closed this task as Resolved.Jun 29 2022, 10:54 AM
gerritbot added a comment.Jun 29 2022, 11:11 AM

Change 801384 abandoned by D3r1ck01:

[mediawiki/core@master] WIP: Add support for rate limiting in Authority

Reason:

Superseded by https://gerrit.wikimedia.org/r/c/mediawiki/core/+/809295

https://gerrit.wikimedia.org/r/801384

Maintenance_bot removed a project: Patch-For-Review.Jun 29 2022, 11:30 AM
Eevans unsubscribed.Jun 29 2022, 3:51 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL