Last modified: 2011-03-20 01:02:25 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T30126, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 28126 - Add flag to notify whether the API is enabled on another wiki
Add flag to notify whether the API is enabled on another wiki
Status: NEW
Product: MediaWiki extensions
Classification: Unclassified
SiteMatrix (Other open bugs)
unspecified
All All
: Normal enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-03-20 00:48 UTC by Sam Reed (reedy)
Modified: 2011-03-20 01:02 UTC (History)
1 user (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Sam Reed (reedy) 2011-03-20 00:48:39 UTC
Not quite sure how we're gonna do this, or else, if this is a wontfix type of thing...

Moved from https://bugzilla.wikimedia.org/show_bug.cgi?id=16288#c2

(In reply to comment #2)
> Would be good if sitematrix not only indicated whether a wiki is readonly, but
> also whether the API is enabled at all there. Currently, trying an API call on
> a wiki where the API is disabled completely just returns a text "MediaWiki API
> is not enabled for this site. Add the following line to your
> LocalSettings.php<pre>%lt;b>$wgEnableAPI=true;</b></pre>"
> which is rather unhelpful for automated processing. For instance, when using
> dynamically generated script-elements with a callback: what we get back isn't
> even Javascript. Hence we need a way to ensure that we don't even try API calls
> on such wikis. Sitematrix flagging wikis with disabled APIs would be one way.
> Or is there some other way to do this already?
Comment 1 Bawolff (Brian Wolff) 2011-03-20 01:02:25 UTC
>For instance, when using
> dynamically generated script-elements with a callback: what we get back isn't
> even Javascript

Don't all api modules (minus help) require read rights, and when using json with a callback you're considered an anon? That'd make this rather pointless as you wouldn't be able to do anything with a json callback on a private wiki regardless of if the api was enabled.

But ignoring that, it seems it would make sense just to enable the api on all those wikis. Presumably the api is stable enough now that its very unlikely there's any way to get unauthorized info out of it.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links