In Progress: 3.4.11 was release on 2023-01-04, but hasn't been populated e.g. in the updater as of yet due some emerging issues.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Jan 7 2023
Jan 17 2022
I'm also busy and still setting up my dev env again, but that's my current status:
@@ -152,13 +152,15 @@ bool EditQuery::IsProcessed() { reason = _l("editquery-error-badtoken"); hec = HUGGLE_ETOKEN; // we log off the site this->Suspend(); - Configuration::Logout(this->Page->GetSite()); + //Configuration::Logout(this->Page->GetSite()); Syslog::HuggleLogs->ErrorLog(_l("editquery-invalid-token", this->Page->PageName)); this->qEdit.Delete(); + WikiUtil::RetrieveTokens(this->Page->GetSite()); + // error handling in case of failure is bad return false; } else { // We don't want to process failure in case the query was suspended this->Result = new QueryResult(true);
Jan 16 2022
Tried to reproduce it yesterday. Almost every time directly after login (updating huggle userlist) or logout (updating preferences). No really an idea why esp. directly after login the token is bad, looked at request log is the correct one fetched seconds before. And then suddently after trying to debug (as always :D ) or random after dozens of tries it works.
Jul 12 2021
Oct 7 2018
Since I am not active since a long time ago but this is still assigned to me I reassign it to Daimona, who is more active and has taken over the original patch.
Hope you finish it, @Daimona :)
Sep 21 2018
For all viewers of this task comming from the announcement of MediaWiki Security release of 1.27.5 / 1.29.3 / 1.30.1 / 1.31.1 (Thu, 20 Sep 2018)
Dec 1 2017
Nov 30 2017
Apr 3 2017
Apr 1 2017
Mar 23 2017
Aug 1 2016
similar to T99793. where I currently can't reproduce that bug, but instead got this output behavior.
Apr 20 2016
A quick test by repeating the request suggests that deployment-mediawiki01.deployment-prep.eqiad.wmflabs delivers for Special:Radom a blank page and deployment-mediawiki02.deployment-prep.eqiad.wmflabs correctly redirects.
Feb 19 2016
If he tries to login in repeatedly in a short period of time, then even if the password is correct the api can return "throttled".
By default this is 5 logins within 300 seconds (5 minutes). (from https://www.mediawiki.org/wiki/API:Login#Throttling ).
Feb 9 2016
Wasn't https forced already long before "28/29 Jan 2016"? Nevermind, there are locations in the vb-sourcecode where http is hardcoded. Also even if there were https, afaik there would be per default no cert validation.
This must be fixed in the old visual basic code. but the devs/Petr don't support HG2 any more.
Jan 18 2016
Jan 12 2016
@Niedzielski could you clarify if you mean the test in the app should be fixed?
Or can I assume that you are wondering why the edit goes through? This is as intended (see before) and the text in the warning message. ( "Prevent the user from performing the action in question" unchecked, "Trigger these actions after giving the user a warning" checked in the filter). Please close as invalid if resolved for you.
This isn't a issue of AbuseFilter, is it? The filter is only set to warn, not prevent any edit. So after the warning, if you resubmit it (or something for the same pagename) in the same php session again, it will go through. Doing as intended from AbuseFilter side.
Oct 19 2015
This is a problem with a local gadget https://www.wikidata.org/wiki/MediaWiki:Gadget-PopupsFix.js, not with popups itself.
Please raise this issue on Wikidata.org village pump or gadget talkpage.
Oct 13 2015
PS: A thing where I'm not sure about if this is the right thing is the argument supplied to the matcher-function. Currently it is the href-part of a link, e.g. "/wiki/Mainpage".
But the gadget works/inspects on the title-attribute of the link. Theoretically that could be modified to work on the url, but maybe there are edge cases, which require addition infos.
Ok, I try to explain what this patch aims at.
The patch in question solves the problem that previously it wasn't possible to add new renderer without overwriting popups javascript functions with own customized ones, which are prone to break if the original function changes. Also obviously this only works easy with one external party.
You can see that approach taken at the wikidata gadget by bene* at https://www.wikidata.org/wiki/MediaWiki:Gadget-PopupsFix.js who overwrites mw.popups.render.article.init.
In T102921#1720328, @Jdlrobson wrote:I understand what you are trying to achieve and what the desired outcome is.
I just want to know whether https://gerrit.wikimedia.org/r/232236 helps you do that.
This requires you building something.To be clear I expect the Wikidata team to make use of https://gerrit.wikimedia.org/r/232236 to make this happen. Once I see working code I'll merge https://gerrit.wikimedia.org/r/232236 otherwise it will not happen.
Oct 12 2015
Oct 7 2015
another option would be QApplication::beep()
Sep 27 2015
Sep 26 2015
Which filter triggers the block? Google translate mentions it could be filter 41?
I can't see it because its private, but from the list entry it tags atm. I suppose blocking has been disabled.
Sep 21 2015
Note: <math> formulars on pages doesn't have to be rendered as a plain png, Extension:Math also supports MathML (browser rendering) with SVG/PNG-fallback or (removed) via MathJax (JS-library) and other modes by itself.
Extension:Math even has a user setting for that on wikimedia-wikis (I won't judge if that makes sense in context for hovercards).
Sep 20 2015
In T99793#1654258, @Jdlrobson wrote:As @Prtksxna points out this is an image. We could take the value of the text in the alt tag although this would have more serious impacts on other text extracts where the image is not a crucial part of the information. Could the article be rewritten to us one of the many maths extensions we have?
Sep 13 2015
In T86523#1630176, @Aklapper wrote:@Se4598: I cannot reproduce this anymore in Firefox 40. Can you?
Sep 11 2015
ok, to summarise the features requested here are:
- create edit queues based on selected tags (user config)
- take specific tags into score calculation (per project/user config)
- show edit tags under the edit summary at the top of each edit
Aug 20 2015
Aug 16 2015
See notes on changeset. (hm, somehow my annotations are off by one line)
Aug 15 2015
@Tinaj1234 This patch doesn't cover all the strings that need to be translated in the extension, right?
Aug 6 2015
Jul 15 2015
Jul 14 2015
Jul 2 2015
Jun 28 2015
May 27 2015
May 25 2015
In T99999#1308438, @Wtmitchell wrote:I've never attached backup like screenshots to a Phabricator report and , looking around here as I''m entering this comment, it's not obvious to me how to attach screenshots to a report while entering a comment.
May 24 2015
May 13 2015
readding VisualEditor: was removed without explanation and the correlation seems obvious.
Quoting from another bug, maybe dupe of (T73947: Edits via API (e.g. through VisualEditor) cause AbuseFilter to work on pre-automerged edit):
May 1 2015
This sounds like a simple JS-userscript to execute on a log page, and the API is there. Hasn't noone this idea yet or am I missing something? There is no need for a regex to clean up when it can be interpreted as json.
Apr 8 2015
In T94368#1192301, @Luke081515 wrote:OK, whats the next step now?
Apr 6 2015
old bugs reintroduced. I'm not innocent on this one.
Are try-catch in JS code nice?
In T21565#1183187, @Dragons_flight wrote:The underlying technical problem is that uploads proceed in two steps. First the file is uploaded to the server and then the text is processed and saved to the database. We have a hook into the upload process, but at that point in software the uploaded text is not yet available.
After poking around the code a bit, my instinct is that the best approach probably to add a new hook in UploadBase/performUpload prior to calling LocalFile->upload. Call it something like, UploadBeforeSaveText and send it the file info as well as the $comment, $page_text, and $user. And then move all AbuseFilter processing of uploads to that hook. The biggest potential pitfall is probably making sure the code aborts correctly and doesn't leave dangling stuff on the file system (the code is complicated enough that I'm not currently sure what cleaning might be necessary in response to a late abort).
The only other sensible alternative that I see would be to make page_text, etc. properties of UploadBase and associate it with the file much earlier in the upload process, before verifyUpload gets called. In some ways this might be preferable conceptually, as it would enforce a tighter integration of file description text and file content (and doesn't require a new hook), but doing that seems like it would require many more dependency changes since one would be modifying the parameters sent to performUpload among other things.
Does anyone else have suggestions about how to proceed here?
Mar 27 2015
Mar 26 2015
Mar 24 2015
related: T93319: IE9 does not show reference backlinks around the same lines of CSS.
Mar 21 2015
stuck open hovercard at https://en.wikipedia.org/wiki/Blackadder (1.25wmf21 (rMWdd2e66f6e20d)) @Prtksxna
FF's own Web Console shows (with grey cross):
"[Popups] Missing property "action"" load.php:39:408 "[Popups] Value null is the wrong type for property "duration" (integer expected)" load.php:39:408
Mar 20 2015
Related to this task: Since the change I get emails from watched gerrit projects about submitted l10n changes. This wasn't before (except changes manually approved).
Is there a way to ignore L10n-bot again (particularly changes owned by l10n and submitted by jenkins)?
Mar 17 2015
I assume there was a javascript error. I also had this infrequent lately but sadly forgot to save the message.
Mar 13 2015
Mar 12 2015
I will post a notice about this on dewiki's blacklist. It contains a lot of common german insults and also variants of local sysops usernames, which are affected by stalking trolls.
Also enwiki has similiar cases.
So before the switch gets flipped, Glaisher's questions (which would be mine too, from above link), should be answered.
So since this is going to happen, we need a process for migrating reasonable rules from local blacklists to this one (also abusefilters which prevents usernames needs to be disabled and imported here). [...] Glaisher (talk) 12:57, 11 March 2015 (UTC)
any update here? I suspect it is still not working.
The code (module "ext.betaFeatures.popup") is there, but it isn't loaded for me for an unknown reason. Option "betafeatures-popup-disable" is unset for me.
Mar 11 2015
Mar 4 2015
@yuvipanda: I don't know which infos are all on stat*, but relative easy queries can already be made together with Extension:AccountAudit like
SELECT up_property, up_value, COUNT(*) AS count FROM user_properties INNER JOIN accountaudit_login ON aa_user = up_user WHERE up_property LIKE "%gadget%" AND aa_lastlogin > '201404' GROUP BY up_property, up_value ORDER BY count;
(the query run in August 2014 and needed 1 min 32 sec for dewiki)