Last modified: 2007-03-21 20:56:10 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T11309, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 9309 - Whitelist external links to toolserver in captcha configuration
Whitelist external links to toolserver in captcha configuration
Product: Wikimedia
Classification: Unclassified
General/Unknown (Other open bugs)
All All
: Normal enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
: shell
Depends on:
  Show dependency treegraph
Reported: 2007-03-16 07:07 UTC by brianna.laugher
Modified: 2007-03-21 20:56 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description brianna.laugher 2007-03-16 07:07:42 UTC
(I thought captchas were part of an extension, but I couldn't find it in the
list of MediaWiki extensions.)

Templates such as [[commons:template:nsd]] (no source, date) mark images as
missing source. When anonymous users do this, they are requested to answer a
captcha because of the insertion of external links, presumably because of the
CheckUsage link to Wikimedia toolserver. (A user reported this and it has also
happened to me, when logged out.)

Two possible solutions:
1) Toolserver URLs should somehow be marked as non-external. 
2) Only URLs directly entered by the user should prompt a captcha, not URLs that
happen to be on a template they insert.

Comment 1 Brion Vibber 2007-03-21 20:56:10 UTC
1) Added * to the whitelist.

2) isn't feasible, since it would enable very easy mass spamming: add one
template, pass the captcha, then spam the template to a million pages with no

Note You need to log in before you can comment on or make changes to this bug.