Page MenuHomePhabricator

MarkusRost
User

Projects

Today

  • Clear sailing ahead.

Tomorrow

  • Clear sailing ahead.

Saturday

  • Clear sailing ahead.

User Details

User Since
Apr 9 2019, 9:07 PM (287 w, 1 d)
Availability
Available
LDAP User
Unknown
MediaWiki User
MarkusRost [ Global Accounts ]

Recent Activity

May 6 2024

MarkusRost added a member for Trusted-Contributors: Alex44019.
May 6 2024, 2:57 PM

Jul 2 2023

MarkusRost added a comment to T340921: Make OAuth2 refresh tokens valid for longer than access tokens.

Change 934713 had a related patch set uploaded (by Gergő Tisza; author: Gergő Tisza):

[mediawiki/extensions/OAuth@master] Fix default refresh token expiry

https://gerrit.wikimedia.org/r/934713

Jul 2 2023, 9:17 PM · MW-1.42-notes (1.42.0-wmf.1; 2023-10-17), MediaWiki-extensions-OAuth
MarkusRost created T340921: Make OAuth2 refresh tokens valid for longer than access tokens.
Jul 2 2023, 8:12 AM · MW-1.42-notes (1.42.0-wmf.1; 2023-10-17), MediaWiki-extensions-OAuth

Jun 30 2022

MarkusRost added a comment to T34959: Private filters should not be visible in recent changes.

I think having edits to abuse filter hidden from recent changes is problematic for admins. It's currently possible that admins will never notice the existence of new filters which might cause problems later on. Trying to solve issues of editors is also made a lot harder when admins don't know that there was a recent abuse filter change which causes the issue.

Jun 30 2022, 3:14 PM · MW-1.35-notes (1.35.0-wmf.5; 2019-11-05), User-DannyS712, AbuseFilter

Jan 4 2021

MarkusRost added a comment to T270713: CVE-2021-30152: action=protect lets users with 'protect' permission protect to higher protection level.

Wouldn't returning a permissions error be the better message? That message should already exist as well and the user is in fact missing the permission to protect to that level.

Jan 4 2021, 6:22 PM · MW-1.36-notes, MW-1.37-notes (1.37.0-wmf.1; 2021-04-13), Platform Team Workboards (Clinic Duty Team), Patch-For-Review, Vuln-MissingAuthz, Security-Team, Security, MediaWiki-Action-API