Change Details

== Background Information After discussions on {T372753} and investigations on the RESTBase codebase, we realised that cxserver v1 endpoints are not supported anymore and they should be removed from our infrastructure. == What Like we did for MCS in {T328036} we should block the requests before removing the code. == How Block the following endpoints: - [ ] POST <domain>/api/rest_v1/transform/html/from/{from} - [ ] POST <domain>/api/rest_v1/transform/html/from/{from}/{provider} - [ ] GET <domain>/api/rest_v1/transform/word/from/{from}/{word} - [ ] GET <domain>/api/rest_v1/transform/word/from/{from}/{word}/{provider} - [ ] GET <domain>/api/rest_v1/segments/{title} - [ ] GET <domain>/api/rest_v1/segments/{title}/{revision} - [ ] POST <domain>/api/rest_v1/transform/html/from/{from_lang}/to/{to_lang} - [ ] POST <domain>/api/rest_v1/transform/html/from/{from_lang}/to/{to_lang}/{provider} - [ ] GET <domain>/api/rest_v1/transform/word/from/{from_lang}/to/{to_lang}/{word} - [ ] GET <domain>/api/rest_v1/transform/word/from/{from_lang}/to/{to_lang}/{word}/{provider} - [x] GET <domain>/api/rest_v1/list/pair/{from}/{to}/ - [x] GET <domain>/api/rest_v1/list/tool/{tool} - [x] GET <domain>/api/rest_v1/list/tool/{tool}/{from}/{to} - [x] GET <domain>/api/rest_v1/list/languagepairs/ == Why is safe to block requests It's safe to block the requests for the following reasons: - Looking at the requests data, [[ https://turnilo.wikimedia.org/#webrequest_sampled_128/4/N4IgbglgzgrghgGwgLzgFwgewHYgFwgDmAThACYgA0408SqGOAygKZobaFT7YwILUMAWxbIcLfCACiaAMYB6AKoAVAMJUQAMwgI0LYtzwBtUGgCeABwkFhE6sRabJAfWe2NtgEpxOLQyZAoNDhiNEkAJgAGcIAWAFoARki4qOUEgGY8SMisyIA6bMiALQ0WbAoCKNjE5PCEtMzs3ILskoBfAF02ylNLa0C0Uk4NBycCGFJnC3QACw04WUZcAlkcYIhsbmowRBg/fCMQOAsIeQcg5zAE+UGfKE1MYiF5GbQhBHlNYkwhEA7qbCYMJ4TSIKAsTrUKAWJBofy9KySIJDQgaMgQESbLDLEAwcHEZxwQhlMJQx7A0CjSQzCBwjx9JH6CD7ajohyLbGSMh+WRldHDahWUiYCogEDdEBIIS0/BJSLdBH9ZEbVGsjFlKCcgijfT6DRQcn4SmOam0rYgcyIgj45nmtksDk4Lk8vkqjRCrCi8XUKUyvByyGBJn7YzGzS67C80106gPJ7oI0WhkEbmgvik8C7frepNWkAiOCwBzi/4gE7YbAsMgAEXVWJw/lL5crZCYhoINLpbSAA== | example here ]], no relevant clients consume it and the majority of the requests are attempts to exploit the endpoint. - Clients already had time to migrate cxserver to v2, and there's no appetite to make further communications. - The endpoints are either not supported or broken

== Background Information After discussions on {T372753} and investigations on the RESTBase codebase, we realised that cxserver v1 endpoints are not supported anymore and they should be removed from our infrastructure. == What Like we did for MCS in {T328036} we should block the requests before removing the code. == How Block the following endpoints: - [x] POST <domain>/api/rest_v1/transform/html/from/{from} - [x] POST <domain>/api/rest_v1/transform/html/from/{from}/{provider} - [x] GET <domain>/api/rest_v1/transform/word/from/{from}/{word} - [x] GET <domain>/api/rest_v1/transform/word/from/{from}/{word}/{provider} - [ ] GET <domain>/api/rest_v1/segments/{title} - [ ] GET <domain>/api/rest_v1/segments/{title}/{revision} - [ ] POST <domain>/api/rest_v1/transform/html/from/{from_lang}/to/{to_lang} - [ ] POST <domain>/api/rest_v1/transform/html/from/{from_lang}/to/{to_lang}/{provider} - [ ] GET <domain>/api/rest_v1/transform/word/from/{from_lang}/to/{to_lang}/{word} - [ ] GET <domain>/api/rest_v1/transform/word/from/{from_lang}/to/{to_lang}/{word}/{provider} - [x] GET <domain>/api/rest_v1/list/pair/{from}/{to}/ - [x] GET <domain>/api/rest_v1/list/tool/{tool} - [x] GET <domain>/api/rest_v1/list/tool/{tool}/{from}/{to} - [x] GET <domain>/api/rest_v1/list/languagepairs/ == Why is safe to block requests It's safe to block the requests for the following reasons: - Looking at the requests data, [[ https://turnilo.wikimedia.org/#webrequest_sampled_128/4/N4IgbglgzgrghgGwgLzgFwgewHYgFwgDmAThACYgA0408SqGOAygKZobaFT7YwILUMAWxbIcLfCACiaAMYB6AKoAVAMJUQAMwgI0LYtzwBtUGgCeABwkFhE6sRabJAfWe2NtgEpxOLQyZAoNDhiNEkAJgAGcIAWAFoARki4qOUEgGY8SMisyIA6bMiALQ0WbAoCKNjE5PCEtMzs3ILskoBfAF02ylNLa0C0Uk4NBycCGFJnC3QACw04WUZcAlkcYIhsbmowRBg/fCMQOAsIeQcg5zAE+UGfKE1MYiF5GbQhBHlNYkwhEA7qbCYMJ4TSIKAsTrUKAWJBofy9KySIJDQgaMgQESbLDLEAwcHEZxwQhlMJQx7A0CjSQzCBwjx9JH6CD7ajohyLbGSMh+WRldHDahWUiYCogEDdEBIIS0/BJSLdBH9ZEbVGsjFlKCcgijfT6DRQcn4SmOam0rYgcyIgj45nmtksDk4Lk8vkqjRCrCi8XUKUyvByyGBJn7YzGzS67C80106gPJ7oI0WhkEbmgvik8C7frepNWkAiOCwBzi/4gE7YbAsMgAEXVWJw/lL5crZCYhoINLpbSAA== | example here ]], no relevant clients consume it and the majority of the requests are attempts to exploit the endpoint. - Clients already had time to migrate cxserver to v2, and there's no appetite to make further communications. - The endpoints are either not supported or broken

== Background Information After discussions on {T372753} and investigations on the RESTBase codebase, we realised that cxserver v1 endpoints are not supported anymore and they should be removed from our infrastructure. == What Like we did for MCS in {T328036} we should block the requests before removing the code. == How Block the following endpoints: - [ - [x] POST <domain>/api/rest_v1/transform/html/from/{from} - [ - [x] POST <domain>/api/rest_v1/transform/html/from/{from}/{provider} - [ - [x] GET <domain>/api/rest_v1/transform/word/from/{from}/{word} - [ - [x] GET <domain>/api/rest_v1/transform/word/from/{from}/{word}/{provider} - [ ] GET <domain>/api/rest_v1/segments/{title} - [ ] GET <domain>/api/rest_v1/segments/{title}/{revision} - [ ] POST <domain>/api/rest_v1/transform/html/from/{from_lang}/to/{to_lang} - [ ] POST <domain>/api/rest_v1/transform/html/from/{from_lang}/to/{to_lang}/{provider} - [ ] GET <domain>/api/rest_v1/transform/word/from/{from_lang}/to/{to_lang}/{word} - [ ] GET <domain>/api/rest_v1/transform/word/from/{from_lang}/to/{to_lang}/{word}/{provider} - [x] GET <domain>/api/rest_v1/list/pair/{from}/{to}/ - [x] GET <domain>/api/rest_v1/list/tool/{tool} - [x] GET <domain>/api/rest_v1/list/tool/{tool}/{from}/{to} - [x] GET <domain>/api/rest_v1/list/languagepairs/ == Why is safe to block requests It's safe to block the requests for the following reasons: - Looking at the requests data, [[ https://turnilo.wikimedia.org/#webrequest_sampled_128/4/N4IgbglgzgrghgGwgLzgFwgewHYgFwgDmAThACYgA0408SqGOAygKZobaFT7YwILUMAWxbIcLfCACiaAMYB6AKoAVAMJUQAMwgI0LYtzwBtUGgCeABwkFhE6sRabJAfWe2NtgEpxOLQyZAoNDhiNEkAJgAGcIAWAFoARki4qOUEgGY8SMisyIA6bMiALQ0WbAoCKNjE5PCEtMzs3ILskoBfAF02ylNLa0C0Uk4NBycCGFJnC3QACw04WUZcAlkcYIhsbmowRBg/fCMQOAsIeQcg5zAE+UGfKE1MYiF5GbQhBHlNYkwhEA7qbCYMJ4TSIKAsTrUKAWJBofy9KySIJDQgaMgQESbLDLEAwcHEZxwQhlMJQx7A0CjSQzCBwjx9JH6CD7ajohyLbGSMh+WRldHDahWUiYCogEDdEBIIS0/BJSLdBH9ZEbVGsjFlKCcgijfT6DRQcn4SmOam0rYgcyIgj45nmtksDk4Lk8vkqjRCrCi8XUKUyvByyGBJn7YzGzS67C80106gPJ7oI0WhkEbmgvik8C7frepNWkAiOCwBzi/4gE7YbAsMgAEXVWJw/lL5crZCYhoINLpbSAA== | example here ]], no relevant clients consume it and the majority of the requests are attempts to exploit the endpoint. - Clients already had time to migrate cxserver to v2, and there's no appetite to make further communications. - The endpoints are either not supported or broken