Wed, Mar 18
Tue, Mar 17
Mon, Mar 16
Hi! Here's some documentation I made about this process.
Thu, Mar 12
Wed, Mar 11
Tue, Mar 10
Also, before we merge master to wmf_deploy we should properly revert this change that was accidentally +2'ed only on the wmf_deploy. (We thought we'd reverted it but the revert patch in the end didn't merge because of CI. The version of the change on master is waiting for an update from the author.)
Wed, Mar 4
Tue, Mar 3
Fri, Feb 28
Feb 25 2020
Feb 18 2020
if the sampling ratio of the data on that table is good enough then we can help you set up workflows to read from that table the banner counts in question.
See also T192564: [Epic] Banner history improvements for some ideas we've had over the years on how to improve these logs.
Just a few initial thoughts:
- Pre-processing might include flagging logs as randomly sampled or sent following a click to donate.
- Time zone and geographical region are probably needed. For the pageview on which the log was sent back, this is in the unsanitized Hive table. Better would be to have it for every entry in the log. In either case, legal review would probably be needed. See also T170559.
- The article viewed is purposefully not included in the logs, though it would be possible to find this information for the pageview on which the log was sent to the servers, using the Hive WebRequest table.
Feb 14 2020
Feb 12 2020
Feb 11 2020
Feb 10 2020
Jan 29 2020
Here are the queries we used for this:
Jan 24 2020
Jan 15 2020
To test the fix locally:
- Set up two campaigns, one higher priority than the other.
- Include a close button in the banner for the campaign with higher priority.
- The higher priority campaign should always show, until the close button is clicked on the banner. On subsequent pageviews after the button has been clicked, the lower priority campaign should show.
- To test again, clear cookies for the local wiki.
Jan 13 2020
Jan 10 2020
Jan 7 2020
Here's an overview of the status of this project:
Jan 6 2020
Just updated the draft specification for this. We should also look at legacy default values for empty country and project fields.
Jan 3 2020
Dec 22 2019
Dec 19 2019
Dec 18 2019
Dec 16 2019
Dec 12 2019
Dec 11 2019
As per T219604, it's just the RL modules aliases that have changed, but the modules are still around, so we should be able to fix pretty easily.
Dec 7 2019
Dec 6 2019
@Pcoombe Thanks so much for this fix!!! Looks great!
Dec 5 2019
@Pcoombe wrote (on IRC):
presumably the vulnerability is that code could be saved in a page. and they just used preloadtitle to avoid creating a page demonstrating it that anyone can see
@Bawolff, if I understand correctly, this is dependent on the injection into the DOM of content using the preloadtitle URL parameter, correct? I was unaware of this Mediawiki feature... now looking at the doc for this...
@Bawolff, thanks so much for finding this!!!!! Could you please confirm that this is the code in question, and explain a few more details about how it works?