On 16/09/05, Thomas Gries <mail(a)tgries.de> wrote:
Rowan Collins wrote:
>>>The basic problem is that people see the watchlist as private
>>>information - watching someone else's could facilitate anti-social
>>>users "stalking" those pages, etc.
See my comment
http://bugzilla.wikimedia.org/show_bug.cgi?id=471#c13
wherein I suggest a token method,
the token only mailed on watchlist owner's request to his e-mail
address, similar to Confirmmail method.
Yes - or my comment #8 on that bug, which reads in part:
...the most widely usable solution would be to let the
user opt in in preferences to make
their watchlist public, and then generate a secret random token that has to go
in the URL to view it. (Noting that this provides only imperfect protection...
I don't really see the need for e-mail addresses to be involved,
unless that happens to make the code much simpler for some reason -
the decisions of whether to register an e-mail address and whether to
activate an RSS watchlist are completely unrelated. The way I pictured
it, the "secret" token would just show up on the preferences page once
the user opted in.
--
Rowan Collins BSc
[IMSoP]