https://bugzilla.wikimedia.org/show_bug.cgi?id=43004
Web browser: ---
Bug ID: 43004
Summary: Creating Claim with Snak using wikibase-item type
needs validation
Product: MediaWiki extensions
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: Unprioritized
Component: ABC
Assignee: [email protected]
Reporter: [email protected]
Classification: Unclassified
Mobile Platform: ---
The wikibase-item type uses the 'string' data value. This allows for all
strings while we only want to allow proper wb item IDs. The right thing to do
would probably be to add a validator to the wikibase-item data type definition,
checking whether the given string is a proper ID.
If this is not fixed, this allows confusing vandalism, people adding Snaks with
weird IDs which make no sense to Statements. In the frontend we can prevent
from this in other ways, the API would still be vulnerable and would require a
solution to this bug.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
