Last modified: 2007-03-21 20:56:10 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 9309 - Whitelist external links to toolserver in captcha configuration
Whitelist external links to toolserver in captcha configuration
Product: Wikimedia
Classification: Unclassified
General/Unknown (Other open bugs)
All All
: Normal enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
: shell
Depends on:
  Show dependency treegraph
Reported: 2007-03-16 07:07 UTC by brianna.laugher
Modified: 2007-03-21 20:56 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description brianna.laugher 2007-03-16 07:07:42 UTC
(I thought captchas were part of an extension, but I couldn't find it in the
list of MediaWiki extensions.)

Templates such as [[commons:template:nsd]] (no source, date) mark images as
missing source. When anonymous users do this, they are requested to answer a
captcha because of the insertion of external links, presumably because of the
CheckUsage link to Wikimedia toolserver. (A user reported this and it has also
happened to me, when logged out.)

Two possible solutions:
1) Toolserver URLs should somehow be marked as non-external. 
2) Only URLs directly entered by the user should prompt a captcha, not URLs that
happen to be on a template they insert.

Comment 1 Brion Vibber 2007-03-21 20:56:10 UTC
1) Added * to the whitelist.

2) isn't feasible, since it would enable very easy mass spamming: add one
template, pass the captcha, then spam the template to a million pages with no

Note You need to log in before you can comment on or make changes to this bug.