Upload blacklist for target names not being applied
Closed, ResolvedPublic

Description

Commons reports that the list that blocks DSC902458 etc uploads is not functioning.


Version: unspecified
Severity: normal

TheDJ created this task.Feb 16 2011, 8:16 PM

Bryan.TongMinh wrote:

I am not aware of a list that blocks such uploads, only a list that warns when such files are uploaded. That list is working, I entered as filename "DSC000001.jpg" and I get a warning:

The name of the file you are uploading begins with "IMG", which is a non-descriptive name typically assigned automatically by digital cameras. Please choose a more descriptive name for your file.

It's done via MediaWiki:Titleblacklist and MediaWiki:Titleblacklist-custom-filename

Bryan.TongMinh wrote:

That's an extension, changing category.

TheDJ added a comment.Feb 25 2011, 9:09 AM
  • Bug 27339 has been marked as a duplicate of this bug. ***
TheDJ added a comment.Feb 25 2011, 9:14 AM
  • Bug 27700 has been marked as a duplicate of this bug. ***

I just reproduced it here from both a sysop and non-sysop account:
http://commons.wikimedia.org/wiki/File:DSC902458.jpg

Did not get blocked by title blacklist.

Can seemingly reproduce locally. But not too familiar with code. Will poke it when I've got a bit more time

No idea about how it's supposed to work

$wgHooks['EditFilter'][] = 'TitleBlacklistHooks::validateBlacklist';

It would seem, that creating a file page doesn't hit this hook call, at all.

Blocking redirects to non existent blacklisted titles seems to work fine, as does "The title "Meh on wheels" has been banned from creation. It matches the following blacklist entry: .*? on wheels"

Just no hits for image uploads for whatever reason..

That and there seems to be no code actually preventing any sort of new titles from being created.

Almost seems like we're barking up the wrong tree...

Reedy added a comment.Mar 21 2011, 8:56 PM

<vvv> Reedy: probably someone removed check for page creation permission from upload module
<vvv> Was it rewritten in 1.17?
<Reedy> I think so
<snip>
<vvv> Reedy: it looks like UploadBase assumes that 'edit', 'upload', etc are not per-page restrictions
<vvv> Reedy: oh, and it also allows to upload images even when they are create-protected

Bryan.TongMinh wrote:

UploadBase::verifyPermissions() ?

Fixed with r84573 and r84575

However, seems I broke some error handling in r83979, will investigate

Actually properly fixed in r84581

Add Comment