Page MenuHomePhabricator
Create Task
Maniphest T355076

Adjust Wikibase repo to not leak IPs when editing and IP masking is enabled
Closed, ResolvedPublic
Actions

Description

Problem:
We are currently leaking the IPs of users who are not logged in when making certain edits on Wiklidata.

With temporary accounts are enabled on the repo, we must not leak the IPs of users who are not logged in and add entry with their temporary account name instead to the edit histories etc.

Affected SpecialPages

EntitySchema pages T356148

  • Create EntitySchema
  • Edit EntitySchema text
  • Set label, description and aliases for EntitySchema

Lexeme pages T356147

  • Create Lexeme (both js and non-js)
  • Merge Lexeme

Item and Property pages T356149

  • Create Item
  • Create Property
  • Merge Item
  • Redirect an entity
  • Set Item sitelink
  • Set Item label, description or alias
  • Set Property label, description or alias

Affected page UIs
Item/Property UI T356151
Lexeme UI T356150

Affected APIs
Action API (if required)
REST API

BDD
GIVEN a user who isn't logged in
AND Temporary Accounts are enabled
WHEN an edit is made
THEN an entry with their temporary account name is added to the edit history of the Item

Acceptance criteria:

  • IP is not leaked for users editing on SpecialPages and IP masking is enabled on the repo
  • IP is not leaked for users editing on Item, Property, Lexeme nor EntitySchema UIs and IP masking is enabled on the repo
  • IP is not leaked for users editing through the REST and Action API and IP masking is enabled on the repo

Related Objects
Search...

Event Timeline

Arian_Bozorg created this task.Jan 15 2024, 4:45 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 15 2024, 4:45 PM
karapayneWMDE moved this task from Incoming to Product Backlog on the Wikidata Dev Team board.Jan 16 2024, 3:07 PM
Lucas_Werkmeister_WMDE subscribed.Jan 17 2024, 9:51 AM
Arian_Bozorg updated the task description. (Show Details)Jan 30 2024, 6:02 AM
Arian_Bozorg updated the task description. (Show Details)
Arian_Bozorg closed subtask T356151: Adjust Item/Property UI to not leak IPs when editing and IP masking is enabled as Resolved.Jan 31 2024, 10:11 AM
Arian_Bozorg closed subtask T356147: Adjust Lexeme Special Pages to not leak IPs when editing and IP masking is enabled as Resolved.Jan 31 2024, 10:20 AM
Arian_Bozorg closed subtask T356150: Adjust Lexeme UI to not leak IPs when editing and IP masking is enabled as Resolved.
Arian_Bozorg closed subtask T356148: Adjust EntitySchema Special Pages to not leak IPs when editing and IP masking is enabled as Resolved.Jan 31 2024, 10:24 AM
Lucas_Werkmeister_WMDE reopened subtask T356147: Adjust Lexeme Special Pages to not leak IPs when editing and IP masking is enabled as Open.Feb 20 2024, 4:25 PM
Arian_Bozorg added a parent task: T351968: Update Wikidata-related extensions for IP Masking.Feb 22 2024, 1:11 PM
Arian_Bozorg closed subtask T356149: Adjust Item and Property Special Pages to not leak IPs when editing and IP masking is enabled as Resolved.Mar 1 2024, 2:27 PM
Arian_Bozorg closed this task as Resolved.Mar 1 2024, 2:36 PM
Arian_Bozorg claimed this task.
Arian_Bozorg closed subtask T356147: Adjust Lexeme Special Pages to not leak IPs when editing and IP masking is enabled as Resolved.

All the tickets are closed \o/

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL