https://bugzilla.wikimedia.org/show_bug.cgi?id=62049
Bug ID: 62049 Summary: Abuse filters can be fooled by using U+200B ZERO WIDTH SPACE (ccnorm doesn't remove/normalize them) Product: MediaWiki extensions Version: unspecified Hardware: All OS: All Status: NEW Severity: normal Priority: Unprioritized Component: AntiSpoof Assignee: wikibugs-l@lists.wikimedia.org Reporter: mybugs.m...@gmail.com CC: h...@online.de, soxre...@gmail.com Web browser: --- Mobile Platform: --- As you can check on https://test.wikipedia.org/wiki/Special:AbuseFilter/tools ccnorm("BAD")!==ccnorm("BAD") where the first string has just 3 characters and the second one has a few invisible characters inside it. Therefore, anyone can fool abuse filters which try to avoid ofenses, badwords, etc.. by just copying invisible characters in the text. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l