HistoryServiceFactory looks to expose some history. I'm not sure if its safe or not.
Description
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Open | None | T67626 [Epic] Support for queries on-wiki (automated list generation) | |||
Resolved | Smalyshev | T85159 [EPIC] Deploy a Wikidata Query Service into production | |||
Resolved | Smalyshev | T91812 Wikidata Query: Secure BlazeGraph's SPARQL | |||
Resolved | Smalyshev | T91824 Wikidata Query: Secure BlazeGraph's SPARQL: Investigate HistoryServiceFactory |
Event Timeline
Not sure for public endpoint - some people would love the chance to look at the queries, but some people may be concerned for privacy reasons (aka "why did you look for nuclear stations within 10 mile radius of your location?").
For internal endpoints I guess we can allow everything and trust ourselves?
Indeed. I created the task because I saw the class when I was looking for
federated queries and didn't have time to read it but it looked like it
might cause us trouble.
This seems to be controlled by com.bigdata.rdf.store.AbstractTripleStore.historyService with default false. So unless we manually enable it (which we won't) it is fine.
Also, judging from the fact that create() in HistoryServiceFactory right now just throws an exaception, I'm not sure it actually can return anything.