For the record
media.wiki is registered by Top design LLC or reserved.
You have to sue them to get the name or just ignore them.
On 3/25/14, Jasper Deng jas...@jasperswebsite.com wrote:
Ultimately, registering .wiki names for Wikimedia wikis might improve
accessibility to our wikis and
These names will be moved so that requests to them go to our server in
the eqiad data center. This should not cause any service interruptions
but you may notice more current files available for download as the
switch goes into effect.
Time of switch: 10 to 12 am Thursday March 27, UTC.
For UTF-8 adding ensure_ascii = False to json.dumps would fix it. For
HTML, there is no simple way as far as I know. With some searching you
can find some workarounds. Or you can consider using
https://github.com/simplejson/simplejson
I did point out this issue almost a week ago
Sumana,
Sorry for my late reply but since you asked for corrections, here are a
couple.
Mustache.js is a popular modern choice.
Not really, mustache has many lack-offs that prevent it from being a
popular choice, among them the lack of a server side compiler and if/else
constructs. Handlebars is
On Wed, Mar 26, 2014 at 3:21 AM, Nuria Ruiz nu...@wikimedia.org wrote:
So for string-based systems to be
as safe as dom ones, we also need a layer of policy and code review that
we
might not need with a dom-based system.
String based template engines (like handlebars) do escape as a default,
Hi, I have written example of how my idea works[1].
Also, I have benchmark test with LUA. [2]
Surprisingly, the performance of my solution is higher than has LUA.
Maybe it's not a very good comparison, but I made it is not to be used
in this way.
If it is used for its intended purpose, the
Ha! I had added wikimetrics but it wasn't working at first. It's working
now so that's great, I'll take a deeper look.
On Tue, Mar 25, 2014 at 12:35 PM, Gilles Dubuc gil...@wikimedia.org wrote:
You can add external repos, people have already added a bunch:
http://fab.wmflabs.org/diffusion/
The issue is that they apply the same escaping, regardless of the
html context. So, in Twig and mustache, div class={{something}}/div is
vulnerable, if something is set to 1234 onClick=doSomething().
Right, the engine would render:
div class=1234 onClick=doSomething() /div
because it only
On 2014-03-26, 9:32 AM, Nuria Ruiz wrote:
The issue is that they apply the same escaping, regardless of the
html context. So, in Twig and mustache, div class={{something}}/div is
vulnerable, if something is set to 1234 onClick=doSomething().
Right, the engine would render:
div class=1234
Note that my favorite handlebars-like template engine is currently
spacebars, developed as part of the meteor.js project. This does safe
structured interpolation, so it's not really a string-based template
engine any more -- but it still contains the same minimalist markup (it
basically looks
On Wed, Mar 26, 2014 at 9:44 AM, Daniel Friesen
dan...@nadir-seen-fire.comwrote:
On 2014-03-26, 9:32 AM, Nuria Ruiz wrote:
The issue is that they apply the same escaping, regardless of the
html context. So, in Twig and mustache, div class={{something}}/div
is
vulnerable, if something is
How does a custom function jammed into the middle of a Mustache template
fix the issue when the issue is not that foo={{something}} doesn't
escape, but is that quoting is needed instead of escaping, and Mustache
isn't context sensitive so neither Mustache or a custom function know
that
On 2014-03-26, 10:15 AM, Nuria Ruiz wrote:
How does a custom function jammed into the middle of a Mustache template
fix the issue when the issue is not that foo={{something}} doesn't
escape, but is that quoting is needed instead of escaping, and Mustache
isn't context sensitive so neither
Additionally, how you escape a plain parameter like class vs. an
href vs. a parameter that is inserted into a url vs. an id attribute are
all different escaping strategies.
Urls in the template engine need to be handled on their own, sure. But what
template engine does not work in this fashion?
On Wed, Mar 26, 2014 at 10:30 AM, Nuria Ruiz nu...@wikimedia.org wrote:
Additionally, how you escape a plain parameter like class vs. an
href vs. a parameter that is inserted into a url vs. an id attribute are
all different escaping strategies.
Urls in the template engine need to be handled
On Wed, Mar 26, 2014 at 10:30 AM, Nuria Ruiz nu...@wikimedia.org wrote:
Additionally, how you escape a plain parameter like class vs. an
href vs. a parameter that is inserted into a url vs. an id attribute are
all different escaping strategies.
Urls in the template engine need to be handled
On Wed, Mar 26, 2014 at 9:56 AM, Jon Robson jrob...@wikimedia.org wrote:
I agree Max, that would be a great patch to get finish.
Pulling in wikitech for wider discussion since it seems Timo wanted a
wider discussion.
tldr: Let's add a method of template/blob delivery into ResourceLoader
Hi, we are still welcoming mentors for this interesting proposal
On Thu, Mar 20, 2014 at 6:58 PM, Ιωάννης Πρωτονοτάριος
ioan...@protonotarios.eu javascript:; wrote:
My proposal is the creation of a frontend that will help users with little
or no experience at all to easily produce all the CSS
Hello,
Could someone please tell me if there's any way to have an #ask query
return sub-categories? I've tried all the different configuration
options and nothing seems to allow it.
For example if I write the query {{#ask:[[Category:Foo]]}} then all the
normal pages which are categories in
On 03/26/2014 10:55 AM, Chris Steipp wrote:
On Wed, Mar 26, 2014 at 10:30 AM, Nuria Ruiz nu...@wikimedia.org wrote:
Additionally, how you escape a plain parameter like class vs. an
href vs. a parameter that is inserted into a url vs. an id attribute are
all different escaping strategies.
We *might* get a secondary mentor from the WMF Design team to support the
UI work and also the possibilities of CSS customization options that
MediaWiki admins might be interested about. We miss a developer familiar
with MediaWiki extension developer. I'm not an expert, but this extension
On Wed, 26 Mar 2014 20:06:10 +0100, Brian Wolff bawo...@gmail.com wrote:
I actually think (imho) it would be better implemented as a separate
resource loader module rather then piggy backing on
MediaWiki:Common.css. Otherwise it will get bogged down with trying to
parse Common.css to figure out
On 03/25/2014 02:05 AM, Sumana Harihareswara wrote:
https://www.mediawiki.org/wiki/Architecture_meetings/RFC_review_2014-03-26
This Wednesday the 26th, at 2100 UTC, in #wikimedia-office , we will be
talking about Jon Robson's Allow styling in templates proposal:
As part of the migration of labs from pmtpa to eqiad, I'll be
redirecting wikitech to a new host in eqiad on Tuesday. This will
require some downtime in order to make sure that the wikis are in sync
between the two boxes.
It should only take a few minutes, but don't be alarmed if things are
Will the new wiki be faster? Will it not log me off randomly even if I
check remember me. Will it serve coffee to new users?
On Wed, Mar 26, 2014 at 9:03 PM, Andrew Bogott abog...@wikimedia.org wrote:
As part of the migration of labs from pmtpa to eqiad, I'll be redirecting
wikitech to a new
Sorry I phrased that very badly, I meant:
If I write the query {{#ask:[[Category:Foo]]}} then all the normal pages
which are in Category:Foo will show up in the results, but none of the
sub-categories of Foo (i.e. category pages which are members of
Category:Foo).
On 26/03/14 15:19, Aran
On Wed, Mar 26, 2014 at 1:40 PM, Petr Bena benap...@gmail.com wrote:
Will the new wiki be faster? Will it not log me off randomly even if I
check remember me. Will it serve coffee to new users?
Do you still have an issue where it logs you off randomly? That was very
briefly an issue that I
Hey all,
I wanted to give people an extra notice that we're updating the default
typography across all Wikimedia sites, for users of the Vector skin. This
was also mentioned in the last Tech News edition, and announced by Greg as
part of the deployment roadmap.
This will happen in the following
28 matches
Mail list logo