Page MenuHomePhabricator

Check if client Wikidata Bridge leaks IP on the repo of the edited Item
Closed, ResolvedPublic

Description

Problem:
When a user edits an Item or Property through Wikidata Bridge we need to check if we are leaking their IP in case they are not logged in and IP masking is enabled on the repo.

If we are leaking the editor's IP and temporary accounts are enabled on the repo, we must not leak it and add entry with their temporary account name instead to the edit history of the Item

BDD
GIVEN a Wikipedia article
AND a user who isn't logged in
AND Temporary Accounts are enabled on the repo (i.e. Wikidata)
WHEN editing on Wikidata Bridge
THEN an entry with their temporary account name is added to the edit history of the Item

Acceptance criteria:

  • IP is not leaked for users editing on Wikidata Bridge and IP masking is enabled on the repo

Event Timeline

I think in this direction there is no issue. If temporary accounts are enabled on Wikidata, then that means a new temporary account will be created on edit, and that's that. Whether that API-call comes the Wikidata UI, a Wikipedia wiki or the command line with curl, doesn't make a difference. (We still may wish to do some UX adjustments, but that is not what this task is about.)

If on the Wikipedia-wiki (client wiki) Temporary Accounts are enabled, but not yet on Wikidata, and an edit is with the Wikidata bridge, what is the desired/acceptable behavior? Though, on the other hand, this would be expected to be a temporary state, and we should consider how many resources we want to invest into it.

Thanks so much Michael, in response to your question

If on the Wikipedia-wiki (client wiki) Temporary Accounts are enabled, but not yet on Wikidata, and an edit is with the Wikidata bridge, what is the desired/acceptable behavior?

As the edit will be coming from Wikidata, we will keep the warning on Wikidata Bridge. See: T353807#9427709

Arian_Bozorg claimed this task.