Page MenuHomePhabricator

AbuseFilter should not treat uploads to stash the same as real uploads
Closed, ResolvedPublic


AbuseFilter was triggered for File:Undefined.png, this is a stashed file. The upload stash is a private area and AF should probably not (publicly) log SHA1, file size and user. The file name "File:Undefined.png" is just confusing. Leave it empty if it's unknown/ in stash.

Event Timeline

Rillke raised the priority of this task from to Needs Triage.
Rillke updated the task description. (Show Details)
Rillke added a project: AbuseFilter.
Rillke added a subscriber: Rillke.

"hoo: Yeah, the actual bug is that whatever [...] does that [...] should not be calling hooks as if it were to create actual content"

Note that it would still be sometimes useful to check uploads going into stash, and not only when they're published (for cases where we can reject a file based only on the file's contents, and not name/description etc.). Here's an example filter: But then we wouldn't want them to be rejected by filters checking e.g. that length of the description is bigger than N, or for some intricate conditions on the filename. So perhaps we should set 'action' to 'upload-to-stash' or something for them, rather than 'upload'.

This bug certainly confused me, as seen at
Having a different action would be a great improvement to reduce confusion I think.

Even better would be for AF to make it easy to follow the activity of a stash, with iterations of changes of filename, etc, and each stash entry should mention the final page title used when it was made public, or "incomplete upload" if the stash hasnt been published yet.

For the privacy aspects of this task, I dont think it is appropriate to consider the stash as a private area. I think a more appropriate terminology for it is a "temporary area".

How could logging filename, sha, filesize, username, etc be inappropriate?
Are there valid non-abusive use of the stash, other than as part of public uploading?

matmarex renamed this task from AbuseFilter should not check upload stash or at least not log it to AbuseFilter should not treat uploads to stash the same as real uploads.Jun 20 2016, 5:09 PM
matmarex claimed this task.
matmarex raised the priority of this task from Low to Medium.

Change 295254 had a related patch set uploaded (by Bartosz Dziewoński):
Provide page text and edit summary when filtering file uploads

Change 295254 merged by jenkins-bot:
Provide page text and edit summary when filtering file uploads

This is fixed now. After the patch is deployed to Commons with MediaWiki 1.28.0-wmf.10 (per the roadmap, this Wednesday, 13 July 2016; although there's currently a problem with logins and all wikis were rolled back to wmf.8, so this might be delayed), uploads to stash will use action='stashupload' rather than action='upload'. See for documentation. If it's unclear, don't hesitate to ask on the talk page there (I'm watching it).