[Wikidata-bugs] [Maniphest] [Commented On] T138214: query.wikidata.org CORS policies
Legoktm added a comment. In T138214#2769672, @Jonas wrote: Are you serious? Yes...? I think it is obvious that editing wikitext is and will not be the future. So then don't? You can just easily have your _javascript_ auto-editor run from wikidata.org as a gadget, but you have to copy/paste the sparql query. We want to enable everybody to provide good examples for our service and it should also be easy to maintain the examples. Okay. If you think the security risk is too big would OAuth be a good alternative? The security risk is that a security vulnerability in WDQS could be used to attack and takeover MediaWiki accounts. OAuth is a good alternative.TASK DETAILhttps://phabricator.wikimedia.org/T138214EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: LegoktmCc: Deskana, Gehel, Aklapper, Zppix, Smalyshev, Lydia_Pintscher, Legoktm, Anomie, Jonas, mschwarzer, Avner, debt, D3r1ck01, FloNight, Xmlizer, Izno, jkroll, Wikidata-bugs, Jdouglas, aude, Manybubbles, Mbch331___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T138214: query.wikidata.org CORS policies
Deskana added a comment. @Anomie made an OAuth example in the past which may prove enlightening if you're looking to use OAuth for this: https://tools.wmflabs.org/oauth-hello-world/index.phpTASK DETAILhttps://phabricator.wikimedia.org/T138214EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: DeskanaCc: Deskana, Gehel, Aklapper, Zppix, Smalyshev, Lydia_Pintscher, Legoktm, Anomie, Jonas, mschwarzer, Avner, debt, D3r1ck01, FloNight, Xmlizer, Izno, jkroll, Wikidata-bugs, Jdouglas, aude, Manybubbles, Mbch331___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T138214: query.wikidata.org CORS policies
Jonas added a comment. Are you serious? I think it is obvious that editing wikitext is and will not be the future. We want to enable everybody to provide good examples for our service and it should also be easy to maintain the examples. If you think the security risk is too big would OAuth be a good alternative?TASK DETAILhttps://phabricator.wikimedia.org/T138214EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: JonasCc: Gehel, Aklapper, Zppix, Smalyshev, Lydia_Pintscher, Legoktm, Anomie, Jonas, mschwarzer, Avner, debt, D3r1ck01, FloNight, Xmlizer, Izno, jkroll, Wikidata-bugs, Jdouglas, aude, Deskana, Manybubbles, Mbch331___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T138214: query.wikidata.org CORS policies
Legoktm added a comment. Why can't it be edited manually or with copy paste...? The security loss of opening up XSS attacks seems way larger than the minor benefit you'll get unless I'm misunderstanding something?TASK DETAILhttps://phabricator.wikimedia.org/T138214EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: LegoktmCc: Gehel, Aklapper, Zppix, Smalyshev, Lydia_Pintscher, Legoktm, Anomie, Jonas, mschwarzer, Avner, debt, D3r1ck01, FloNight, Xmlizer, Izno, jkroll, Wikidata-bugs, Jdouglas, aude, Deskana, Manybubbles, Mbch331___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T138214: query.wikidata.org CORS policies
Legoktm added a comment. I don't really understand the use case here, you want to make edits to a wikidata.org page from query.wikidata.org?TASK DETAILhttps://phabricator.wikimedia.org/T138214EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: LegoktmCc: Gehel, Aklapper, Zppix, Smalyshev, Lydia_Pintscher, Legoktm, Anomie, Jonas, mschwarzer, Avner, debt, D3r1ck01, FloNight, Xmlizer, Izno, jkroll, Wikidata-bugs, Jdouglas, aude, Deskana, Manybubbles, Mbch331___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T138214: query.wikidata.org CORS policies
Jonas added a comment. It is this setting https://gerrit.wikimedia.org/r/#/c/230247/2/wmf-config/CommonSettings.php,cmTASK DETAILhttps://phabricator.wikimedia.org/T138214EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: JonasCc: Gehel, Aklapper, Zppix, Smalyshev, Lydia_Pintscher, Legoktm, Anomie, Jonas, Avner, debt, D3r1ck01, FloNight, Izno, jkroll, Wikidata-bugs, Jdouglas, aude, Deskana, Manybubbles, Mbch331___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
[Wikidata-bugs] [Maniphest] [Commented On] T138214: query.wikidata.org CORS policies
Smalyshev added a comment. Is it the policy on query.wikidata.org or on mediawiki.org?TASK DETAILhttps://phabricator.wikimedia.org/T138214EMAIL PREFERENCEShttps://phabricator.wikimedia.org/settings/panel/emailpreferences/To: SmalyshevCc: Gehel, Aklapper, Zppix, Smalyshev, Lydia_Pintscher, Legoktm, Anomie, Jonas, Avner, debt, D3r1ck01, FloNight, Izno, jkroll, Wikidata-bugs, Jdouglas, aude, Deskana, Manybubbles, Mbch331___ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
