> - OAuth: Well not actually OAuth. After getting a full understanding of this topic > implementation of actual OAuth (1&2) looks like a dark dead-end. Rather than OAuth I'd like > to write a new auth standard that learns from all the good things and the mistakes made in > both versions of OAuth and takes note of all the things we really need. And then implement it > into MediaWiki and write a series of server and client libraries/sdks so it's also easier to pick > up than either OAuth.
Not a good idea: http://xkcd.com/927/ While OAuth has its problems, it's not a terrible protocol (or at least v1 isn't). > Password reset tokens: It's unbelievable but we are STILL using temporary passwords > instead of reset tokens. Naturally this is less usable and also lowers the security of our > password reset system. My focus lately has been on security, so I may take this on in the near future. *--* *Tyler Romeo* Stevens Institute of Technology, Class of 2015 Major in Computer Science www.whizkidztech.com | [email protected] On Fri, Aug 24, 2012 at 1:05 PM, Daniel Friesen <[email protected]>wrote: > Meta discussions over community, Appreciation threads, GSoC wrapups, > Deployment threads, and orthogonal questions. > Lately wikitech-l seems to be almost void of one of the most important > categories of discussion I like to see here. > > Discussions on adding new features to MediaWiki! > > So, just like Sumana's "Appreciation thread" how about a little thread > dedicated to listing out things we'd like to see in MediaWiki or perhaps > would like to write ourselves. > Not really big things like VisualEditor, Wikidata, and Lua who have teams > of people within WMF working on them. But rather those other important > things a lot of us may want but always end up pushed to the side and > forgotten. > > For me... > Before I list the small stuff here are 3 big projects right now I wish I > could work on but won't possibly have the time unless I find someone > willing to pay me enough to drop a normal job an dedicate my programming > time to writing things for MediaWiki: > - Gareth: It's not exactly a MediaWiki feature. But with the Gerrit > annoyances and talk about other review systems I've had a really good idea > how to do a review system right this time around. It would be nice to spend > a pile of time turning it into a system that we could actually use for our > code review. > - OAuth: Well not actually OAuth. After getting a full understanding of > this topic implementation of actual OAuth (1&2) looks like a dark dead-end. > Rather than OAuth I'd like to write a new auth standard that learns from > all the good things and the mistakes made in both versions of OAuth and > takes note of all the things we really need. And then implement it into > MediaWiki and write a series of server and client libraries/sdks so it's > also easier to pick up than either OAuth. > - Machine-Learning based Anti-spam: Wikipedia has bots like ClueBot NG > dealing with spam. It would be nice to have machine-learning based > anti-spam built into a MediaWiki extension with a nice intuitive user > interface usable outside of WMF so all wikis can have great anti-spam. > > > Now some old and forgotten code topics: > - 404 routing: I'd like us to get to the point where we can set > ErrorDocument 404 /w/index.php and MediaWiki will automatically start doing > short urls, outputting 404 pages for you, and acting as an implicit > thumbnail handler. > - Title rewrite: Aaaaincient topic... updating our handling of the page > table and titles in general so that the case, whitespace, and all the stuff > in a title that just get's normalized away is correctly remembered. So that > [[iPod]], even though it's the same as [[IPod]] will always display as > "iPod" even in lists outside of the page itself such as Special:Allpages > - Password reset tokens: It's unbelievable but we are STILL using > temporary passwords instead of reset tokens. Naturally this is less usable > and also lowers the security of our password reset system. > - An abstract revision system. The way we shove configuration into i18n, > i18n into articles, scripts and stylesheets into articles, and extensions > go and do the same. All just to get proper revisioning of things. Is > horrible. Not to mention the extensions that don't and rely on our logging > system which makes it harder to revert things. With all this together I'd > like to see an abstract system that lets extensions have their own revision > system outside of page content for whatever they need to do. > ---- > https://www.mediawiki.org/**wiki/User:Dantman/Code_Ideas<https://www.mediawiki.org/wiki/User:Dantman/Code_Ideas> > https://www.mediawiki.org/**wiki/User:Dantman/Abstract_**Revision_System<https://www.mediawiki.org/wiki/User:Dantman/Abstract_Revision_System> > https://www.mediawiki.org/**wiki/User:Dantman/Code_Ideas/**PageLayouts<https://www.mediawiki.org/wiki/User:Dantman/Code_Ideas/PageLayouts> > https://www.mediawiki.org/**wiki/User:Dantman/Anti-spam_**system<https://www.mediawiki.org/wiki/User:Dantman/Anti-spam_system> > https://www.mediawiki.org/**wiki/Requests_for_comment/** > Entrypoint_Routing_and_404_**handling<https://www.mediawiki.org/wiki/Requests_for_comment/Entrypoint_Routing_and_404_handling> > https://www.mediawiki.org/**wiki/User:Dantman/**CodeReviewSystem<https://www.mediawiki.org/wiki/User:Dantman/CodeReviewSystem>and > http://gareth-review.com/ > > -- > ~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://daniel.friesen.name] > > ______________________________**_________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/**mailman/listinfo/wikitech-l<https://lists.wikimedia.org/mailman/listinfo/wikitech-l> > _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
