First of all Thanks for your response @Brian.
If you get an invalid CSRF error, its generally best to just get a new
token and try again.
Yes, I tried this. (Ref : https://www.mediawiki.org/wiki/Manual:Edit_token#Validity) Probably working better than always use same token & always use new token.
Actually I tried below two cases, Case 1 : Don't store any headers. Once user logged in then continuously use, record and upload audio no issue working well. But, after the app close not working. Because not maintain/store/pass the any cookies(Headers) values. So that I going second one. Case 2 : Every headers(cookie values) stored and pass with every request. This time working very well for long duration(~one day only). Because login cookie information/token tracking well. But, Here I send some unwanted/duplicated cookie values.
Check Header information : https://github.com/manimaran96/Spell4Wiki/blob/master/files/dev/invalid_csrf...
May I know what are the information only enough for the upcoming/upload/edit_token requests?. Note : Currently I sending every headers for every request. Because I don't know what is necessary.
I will track the updates.
As a workaround, I would suggest after upload you do
https://ta.wiktionary.org/w/api.php?action=purge&forcelinksupdate=true&a... Super. Thanks, It is better than null edit. Edit token is necessary for purge action?. Because unknown’s purge may block the IP?
While purge action, https://ta.wiktionary.org/w/api.php?action=purge&forcelinksupdate=true&a... POST request with Content-Type = application/json Page Updated. Audio file linked that page. But return response comes with some warning "Unrecognized parameter: forcelinksupdate.”. May know why coming like this.
OAuth 2 is probably better, but its still
really new, and clientlogin is fine too imo. Ok, currently I am using clientlogin it is working well except “Invalid CSRF” problem. I have one doubt on this, loginreturnurl or logincontinue is required in clientlogin API. In my case which one & what value I want to use. (Ref : https://www.cryst.ehu.es/wiki/api.php?action=help&modules=clientlogin) Share the Wiki-OAuth 2 proper documentation link. If have.
CC-0 gives away all rights to the file, which does make it very
easy to reuse. Good suggestion. I will set default one is CC-0 and inform to user. Also, I give option to choose/change the license.
Thanks lot for your response.
On Mon, Feb 24, 2020 at 9:50 AM bawolff bawolff+wn@gmail.com wrote:
If you get an invalid CSRF error, its generally best to just get a new token and try again.
- Once successfully uploaded audio not reflected to UN-Audio words API
<
https://ta.wiktionary.org/w/api.php?action=query&format=json&list=ca...
and Word’s Wiktionary page.
Hmm, as far as I can tell, MediaWiki does not seem to be recording the {{#ifexist:Media:ta-{{PAGENAME}}.ogg|... as an image link. But it should. I don't understand why it is not (For reference, the page i was looking at was
https://ta.wiktionary.org/wiki/%E0%AE%85%E0%AE%95%E0%AF%8D%E0%AE%95%E0%AE%BF... . Consider
https://ta.wiktionary.org/w/api.php?action=parse&page=%E0%AE%85%E0%AE%95... . The ogg file should be recorded as a link there due to the template வார்ப்புரு:ஒலிக்கோப்பு-தமிழ் ). Anyways, filed https://phabricator.wikimedia.org/T245965 about it because this is a mistake on our end. This means mediawiki will not automatically change the categories on file upload.
As a workaround, I would suggest after upload you do
https://ta.wiktionary.org/w/api.php?action=purge&forcelinksupdate=true&a... . That is, do a forcelinksupdate purge on the page that uses the ogg file that was uploaded.
Empty append text in edit action is good or bad?
That's called a null edit. Its more or less the same as as using ?action=purge&forcelinksupdate=true from the api.
Client login or OAuth login - Which one is better?
If you're operating a website, than oauth (including oauth 1) is the clear better option. If you have an app that lives on the client's machine, then the new oAuth 2 is a possibility. OAuth 2 is probably better, but its still really new, and clientlogin is fine too imo.
In Which license to release uploaded audio file? Public domain or CC
by zero or any ? and reason?
You need to ensure you get the consent of your users for whatever option you use. CC-0 gives away all rights to the file, which does make it very easy to reuse. This is more a political question, you may want to ask on commons or tawiktionary as to what is preferred.
-- Brian
On Sun, Feb 23, 2020 at 6:02 AM Manimaran_K manimaraninam1027@gmail.com wrote:
Hi all,
I am Manimaran(https://manimaran96.WordPress.com), Free Software
Activist
and Android Developer. I developing the app called Spell4Wiki.
*Spell4Wiki - Spell For Wiki*
Spell4Wiki is an mobile application to record and upload audio to wiki commons for Wiktionary words.Spell4Wiki also act as dictionary. Words meanings are come from Wiktionary.
*Useful Links*
Source code : https://github.com/manimaran96/Spell4Wiki
APK :
https://github.com/manimaran96/Spell4Wiki/releases/download/devapp_v5/spell4...
Workflow :
https://manimaran96.files.wordpress.com/2020/02/spell4wiki_workflow-1.png
Blog :
https://manimaran96.wordpress.com/2019/01/06/spell4wiki-mobile-app-to-record...
<
https://manimaran96.wordpress.com/2020/02/21/spell4wiki-mobile-app-to-record...
https://manimaran96.wordpress.com/2020/02/21/spell4wiki-mobile-app-to-record...
While developing I struggled in some places(listed below). If anyone have idea about this please help me...
*Problems*
- While uploading audio some times I got a message “Invalid CSRF”.
- Once successfully uploaded audio not reflected to UN-Audio words
API
<
https://ta.wiktionary.org/w/api.php?action=query&format=json&list=ca...
and Word’s Wiktionary page.
Problem : 1Reason I found
- I think this comes may be session time out or expire or wrong CSRF
token. 2. Once app close session expired
What I tried
- I am saving first CSRF token after login. Then after every edit
request use same CSRF token -> Not worked. 2. Every time getting new CSRF token for every edit request -> Not worked. 3. I managed the cookies using android-lib https://github.com/franmontiel/PersistentCookieJar -> Not worked.
Questions
- How to solve this?
- Possible to extend login expire time?
- Which header/cookie is important for every edit request?
Problem : 2
Reason I found
- I think Wikipedia refresh the UN-Audio word list and Wiktionary
word
page after specific period of time.
What I tried
- Once user uploaded audio of particular word. Then that word stored
in
local DB and not showing next time to user -> Not suit for global use. 2. After audio upload edit(Just append text “” empty) the particular word’s page in Wiktionary 1. This time updated in Wiktionary page suddenly but Un-Audio API some times only reflected. 2. Sometime IP blocked due to this type of empty edit.
Questions
- How to solve this?
- Empty append text in edit action is good or bad?
- While uploading audio to commons How to manage conflict works or
duplicate works? Because lot of user may contribute same word.
Some General Doubts
- Client login or OAuth login - Which one is better?
- In Which license to release uploaded audio file? Public domain or
CC
by zero or any ? and reason?
I hope i explained my needs clearly. If you have any doubts/questions ask me.
I expect collective answers from who are able to help me, at least convey whatever you know. Which is help to further develop.
Thanks in advance. _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l