https://bugzilla.wikimedia.org/show_bug.cgi?id=33380
Web browser: ---
Bug #: 33380
Summary: Details of actions caught by a private filter should
be private
Product: MediaWiki extensions
Version: any
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: AbuseFilter
AssignedTo: [email protected]
ReportedBy: [email protected]
CC: [email protected]
Classification: Unclassified
If an action is caught by a private filter, it is entered into the log and by
clicking the details link anyone can view the diff.
If the filter's purpose is to prevent the posting of private information, this
becomes a leak, e.g. if the filter matches a real name the diff will contain
that real name. Therefore this information should either be private and only
viewable by those who can view a private filter, or there should be an option
when writing a filter to restrict the details view to those that can view the
filter.
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
