- OAuth: Well not actually OAuth. After getting a full understanding of
this topic
implementation of actual OAuth (1&2) looks like a dark dead-end. Rather
than OAuth I'd like
to write a new auth standard that learns from all the good things and
the mistakes made in
both versions of OAuth and takes note of all the things we really need.
And then implement it
into MediaWiki and write a series of server and client libraries/sdks so
it's also easier to pick
up than either OAuth.
Not a good idea: http://xkcd.com/927/ While OAuth has its problems, it's not a terrible protocol (or at least v1 isn't).
Password reset tokens: It's unbelievable but we are STILL using temporary
passwords
instead of reset tokens. Naturally this is less usable and also lowers
the security of our
password reset system.
My focus lately has been on security, so I may take this on in the near future.
*--* *Tyler Romeo* Stevens Institute of Technology, Class of 2015 Major in Computer Science www.whizkidztech.com | tylerromeo@gmail.com
On Fri, Aug 24, 2012 at 1:05 PM, Daniel Friesen daniel@nadir-seen-fire.comwrote:
Meta discussions over community, Appreciation threads, GSoC wrapups, Deployment threads, and orthogonal questions. Lately wikitech-l seems to be almost void of one of the most important categories of discussion I like to see here.
Discussions on adding new features to MediaWiki!
So, just like Sumana's "Appreciation thread" how about a little thread dedicated to listing out things we'd like to see in MediaWiki or perhaps would like to write ourselves. Not really big things like VisualEditor, Wikidata, and Lua who have teams of people within WMF working on them. But rather those other important things a lot of us may want but always end up pushed to the side and forgotten.
For me... Before I list the small stuff here are 3 big projects right now I wish I could work on but won't possibly have the time unless I find someone willing to pay me enough to drop a normal job an dedicate my programming time to writing things for MediaWiki:
- Gareth: It's not exactly a MediaWiki feature. But with the Gerrit
annoyances and talk about other review systems I've had a really good idea how to do a review system right this time around. It would be nice to spend a pile of time turning it into a system that we could actually use for our code review.
- OAuth: Well not actually OAuth. After getting a full understanding of
this topic implementation of actual OAuth (1&2) looks like a dark dead-end. Rather than OAuth I'd like to write a new auth standard that learns from all the good things and the mistakes made in both versions of OAuth and takes note of all the things we really need. And then implement it into MediaWiki and write a series of server and client libraries/sdks so it's also easier to pick up than either OAuth.
- Machine-Learning based Anti-spam: Wikipedia has bots like ClueBot NG
dealing with spam. It would be nice to have machine-learning based anti-spam built into a MediaWiki extension with a nice intuitive user interface usable outside of WMF so all wikis can have great anti-spam.
Now some old and forgotten code topics:
- 404 routing: I'd like us to get to the point where we can set
ErrorDocument 404 /w/index.php and MediaWiki will automatically start doing short urls, outputting 404 pages for you, and acting as an implicit thumbnail handler.
- Title rewrite: Aaaaincient topic... updating our handling of the page
table and titles in general so that the case, whitespace, and all the stuff in a title that just get's normalized away is correctly remembered. So that [[iPod]], even though it's the same as [[IPod]] will always display as "iPod" even in lists outside of the page itself such as Special:Allpages
- Password reset tokens: It's unbelievable but we are STILL using
temporary passwords instead of reset tokens. Naturally this is less usable and also lowers the security of our password reset system.
- An abstract revision system. The way we shove configuration into i18n,
i18n into articles, scripts and stylesheets into articles, and extensions go and do the same. All just to get proper revisioning of things. Is horrible. Not to mention the extensions that don't and rely on our logging system which makes it harder to revert things. With all this together I'd like to see an abstract system that lets extensions have their own revision system outside of page content for whatever they need to do.
https://www.mediawiki.org/**wiki/User:Dantman/Code_Ideashttps://www.mediawiki.org/wiki/User:Dantman/Code_Ideas https://www.mediawiki.org/**wiki/User:Dantman/Abstract_**Revision_Systemhttps://www.mediawiki.org/wiki/User:Dantman/Abstract_Revision_System https://www.mediawiki.org/**wiki/User:Dantman/Code_Ideas/**PageLayoutshttps://www.mediawiki.org/wiki/User:Dantman/Code_Ideas/PageLayouts https://www.mediawiki.org/**wiki/User:Dantman/Anti-spam_**systemhttps://www.mediawiki.org/wiki/User:Dantman/Anti-spam_system https://www.mediawiki.org/**wiki/Requests_for_comment/** Entrypoint_Routing_and_404_**handlinghttps://www.mediawiki.org/wiki/Requests_for_comment/Entrypoint_Routing_and_404_handling https://www.mediawiki.org/**wiki/User:Dantman/**CodeReviewSystemhttps://www.mediawiki.org/wiki/User:Dantman/CodeReviewSystemand http://gareth-review.com/
-- ~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://daniel.friesen.name]
______________________________**_________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/**mailman/listinfo/wikitech-lhttps://lists.wikimedia.org/mailman/listinfo/wikitech-l