David Gerard wrote:
On 14/11/06, Magnus Manske magnusmanske@googlemail.com wrote:
I once wrote a function for the upload page where you upload a file by giving its URL. There were some security concerns about malicious servers, which I think I fixed, but then, as usual, nothing happened. Should still be in there, for anyone interested. Lemme see... ah yes; set $wgAllowCopyUploads=true in LocalSettings, and be done with it.
I shudder at the thought of this being enabled on Commons unless such uploads are somehow marked for particular urgent attention - it sounds like an even easier way to upload copyright violations.
Amongst my rights in the database:
<r>import</r> <r>upload</r> <r>upload_by_url</r>
Import and upload by URL are both admin-only AFAICT, and neither are enabled.