
Disable templates/transclusions in user signature
Closed, Invalid
Public

Description

Author: netoholic

Description:
The new "Raw signatures" feature unfortunately allows users to use templates.

One user on English Wikipedia in particular uses
http://en.wikipedia.org/wiki/Template:Vip as his signature, and now we're
facing a problem cleaning that up (we're discussing merging or deleting that
template).

I'd prefer if "Raw signatures" was removed again, but at the very least it
should not interpret template inclusions.


Version: unspecified
Severity: critical

Details

Reference
bz1491

Event Timeline

bzimport raised the priority of this task from to High. (Nov 21 2014, 8:12 PM)
bzimport set Reference to bz1491.
bzimport added a subscriber: Unknown Object (MLST).

netoholic wrote:

After looking into this more, it seems that using a transcluded signature
(usually pointing to {{User:Username/sig}}) has become
increasingly "fashionable" on Wikipedia. The problem is that the links table
is getting flooded, server caches for all those talk pages are purged when
the signature is changed, and signatures like this become vandalism targets.

Please address ASAP.

Signature can't do anything that people can't type themselves.

netoholic wrote:

That may be true right now, but that was not true prior to when the "raw
signature" setting was made available.

That is a 100% false statement. The signature has never ever under any
circumstances been able to produce output that cannot be produced by
typing or cut and paste, and it never will be able to do so.