Last modified: 2011-04-14 15:11:05 UTC
While the spam blacklist works for article content, it fails to affect edit summaries and log entry reasons. At least one abusive user is utilizing this hole in our defenses.
Agreed, its a simple trolling bug which really must be fixed, since links to badsites can be abused through this, and the spam filter doesn't really pick this up and possibly creating something like [[MediaWiki:EditSummaryBlacklist]] (just an idea) can fix it...
Er, I was more intending for this to use the existing spam blacklist and apply it to edit summaries also. Fewer pages to monitor. No reason I can think of to make two separate lists. I proposed this as a change to http://www.mediawiki.org/wiki/Extension:SpamBlacklist
There are no clickable links there, so the blacklist wouldn't apply.
Nevertheless, spammers use edit summaries encouraging users to visit nimp.org (don't actually go there, it's a shock site that'll probably crash your browser). While they're not clickable, it wouldn't be good to have those kind of entries in the history either.
This is still an issue and could really use some looking into. We've had a few users (who shall go unnamed) go through a temporary lack of common sense and go to these sites, clickable or not. It seems to me this could just use a simple regex scan of the edit summary - it's pretty easy to tell what a link looks like, so it's very unlikely we'd get any false alarms on this.
Partially fixed as of r36439. Log entries aren't scanned yet, but edit summaries now are.