Page MenuHomePhabricator

Consider allowing users of Wikibase.Cloud to use tinyurl links on their Wikibases
Open, Needs TriagePublic

Description

As a Wikibase.Cloud user, I like to share sample queries related to my Wikibase on the main page. Wbstack allowed users to use tinyurl links on their wikibases. The query service button "short URL to this page" uses tinyurl. It would be helpful if I could then save these queries on the mainpage. Currently I am prevented from saving because the tinyurl links get caught by the spam filter.

Event Timeline

Just an image for context and confirming this is even an issue as an admin user.

image.png (408×1 px, 73 KB)

Could be as simple as putting tinyurl\.com into the default MediaWiki:Spam-whitelist. That's what I did. (I don't know how simple this actually is.)

As T295371 notes, Wikibase.cloud's own WDQS instance attempts to create shortcut links via tinyurl.com, though this 403s nowadays.

The TinyURL API appears to have changed but it might also not like the SQL-like SPARQL. I tried entering this SPARQL manually on tinyurl.com and I got a CloudFlare Web Application Firewall response:

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.`

Wikimedia uses a different one, w.wiki, but we can't use it per T294699#7472057.

Right now you can see the settings at https://github.com/wbstack/mediawiki/blob/8ce7ce879b3aa7bcda05f102a78b17a11fbbfe58/dist-persist/wbstack/src/Settings/LocalSettings.php#L435-L448
These are mainly from https://github.com/wbstack/mediawiki-spam-lists

The custom inuse wbstack lists can then be found at https://github.com/wbstack/mediawiki-spam-lists

I'm not sure how to add allow lists / white lists to this setting though?
The extension docs don't make that clear

The readme just says:

A local whitelist can be maintained by creating a [[MediaWiki:Spam-whitelist]] page and listing hostnames in it, using the same format as the blacklists. URLs matching the whitelist will be ignored locally.

There doesn't seem to be the concept of using a file/URI in the same way as the blacklist. The whitelist regexes are stored with a particular cache key, so maybe it would be possible to hackily poke it into the cache? It might overwrite or be overwritten by the regexes in the message, though (even if they're nothing).

My main thought was you could just have a custom default for the MediaWiki:Spam-whitelist message, however that is handled normally. That way it works by default but can be edited as desired.

GreenReaper renamed this task from Consider allowing users of Wikibase.Cloud to use tinurl links on their Wikibases to Consider allowing users of Wikibase.Cloud to use tinyurl links on their Wikibases.Dec 7 2022, 10:57 PM
GreenReaper updated the task description. (Show Details)