| Smalyshev added a comment. |
Since this is an internal controlled one, I'd keep it short but not too short and let the clients self-police. One thing that I do want to have for this one is enforcing setting user agent, so we know who uses them. If we notice clients are not self-policing well, we could also enforce explicit timeout (i.e. client should explicitly have either header or query string timeout setting - which means some human took a decision on it, hopefully after a long careful thinking :)
Summarily I think we could start with:
- 30 secs timeout
- Requiring user-agent to be set
- Only allowing internal access
I am not 100% sure about labs, we might think of allowing some labs access since some rather widely used tools run there, and while technically not production, they certainly have many people relying on them. But this is for future times, we should start with prod-only I think.
Cc: Lucas_Werkmeister_WMDE, Smalyshev, Gehel, Aklapper, Lahi, PDrouin-WMF, Gq86, E1presidente, Ramsey-WMF, Darkminds3113, SandraF_WMF, GoranSMilovanovic, QZanden, EBjune, Tramullas, Acer, merbst, LawExplorer, Avner, Jdrewniak, Jonas, FloNight, Xmlizer, Susannaanas, Aschroet, Jane023, jkroll, Wikidata-bugs, Jdouglas, PKM, Base, matthiasmullie, aude, Tobias1984, Manybubbles, Ricordisamoa, Fabrice_Florin, Raymond, Steinsplitter, Mbch331
_______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
