https://bugzilla.wikimedia.org/show_bug.cgi?id=63961
Rainer Rillke @commons.wikimedia ril...@wikipedia.de changed:
What|Removed |Added
CC|
https://bugzilla.wikimedia.org/show_bug.cgi?id=63961
Marco maic...@yahoo.com changed:
What|Removed |Added
See Also||https://bugzilla.wikimedia.
https://bugzilla.wikimedia.org/show_bug.cgi?id=63961
--- Comment #3 from Marco maic...@yahoo.com ---
(In reply to Sam Reed (reedy) from comment #2)
Why?
* Do you mean that some domains could serve corrupt files which can compromise
the wmf network when uploading by url?
* Did we encounter any
https://bugzilla.wikimedia.org/show_bug.cgi?id=63961
--- Comment #4 from Bawolff (Brian Wolff) bawolff...@gmail.com ---
(In reply to Marco from comment #3)
(In reply to Sam Reed (reedy) from comment #2)
Why?
* Do you mean that some domains could serve corrupt files which can
compromise the
https://bugzilla.wikimedia.org/show_bug.cgi?id=63961
Andre Klapper aklap...@wikimedia.org changed:
What|Removed |Added
Priority|Unprioritized |Lowest
https://bugzilla.wikimedia.org/show_bug.cgi?id=63961
--- Comment #5 from Chris Steipp cste...@wikimedia.org ---
I prefer a whitelist for two reasons:
* When we have security issues that effect the outbound connection (the
curl-imap overflow, and need I even bring up heartbleed), then forcing a
https://bugzilla.wikimedia.org/show_bug.cgi?id=63961
--- Comment #1 from Bryan Davis bda...@wikimedia.org ---
Apparently opened in response to my request for justification on
https://gerrit.wikimedia.org/r/#/c/126384/ (Adding '*.panoramio.com' to the
wgCopyUploadsDomains array).
--
You are
https://bugzilla.wikimedia.org/show_bug.cgi?id=63961
--- Comment #2 from Sam Reed (reedy) s...@reedyboy.net ---
(In reply to Marco from comment #0)
There is no reason to maintain a upload by url whitelist instead of a
blacklist considering that there should not be any technical difficulties
