This is true but I don't understand why we can't have something like
OAuth for applications. I don't think it should be something complex.
User would just generate some "token" in mediawiki interface that
would be some long string which they would give to application, which
would then login to mediawiki using this string instead of username +
password combination.
This would be probably more secure than giving a password to it. This
is probably worth of separate wikitech thread.
Regarding the original topic: I think that this "tag" ability would be
useful but only as long as regular users can use these tags to filter
out selected edits from recent changes and similar. Otherwise it would
be only useful for tech people.
On Wed, Feb 11, 2015 at 2:59 PM, Ricordisamoa
<ricordisamoa(a)openmailbox.org> wrote:
Il 11/02/2015 14:07, This, that and the other ha
scritto:
"Chris Grant" wrote in message
news:CAF_zKbp-aBGzGcy4LQQvbTXUr-2tjO8OpmbwxtROsfvihuc_fg@mail.gmail.com...
On 11 Feb 2015 17:57, "Petr Bena"
<benapetr(a)gmail.com> wrote:
As I said, I belive that any registered user should be able to use,
with no need for permissions as I see no way to abuse it.
If anyone can use it, wouldn't the smarter vandals just use it to avoid
the
RC patrollers?
How does a user prove that they're using a particular tool a way that
can't be faked? Something like OAuth comes to mind. All edits made via an
OAuth consumer are already tagged with a unique tag, and I would assume that
it is not possible to falsely represent an OAuth consumer.
I'm not sure whether this could work for common tools like AWB or Twinkle,
though:
* I don't know whether OAuth works for client-side downloadable programs
like AWB.
AFAIK the OAuth extension cannot work for them by design, see
https://www.mediawiki.org/wiki/OAuth/For_Developers#Intended_Users.
* JavaScript tools edit as the user from the
user's browser, and as such,
OAuth is not relevant to them. In any case, anything they do (like adding a
specific string to edit summaries, adding a tag to their edits, or the like)
can be easily spoofed or faked by a tech-savvy user.
Before change tagging could be used as a way to *filter out* particular
tool edits (as opposed to being simply a way of identifying revisions that
satisfy some criterion) the RC tag filter would need to be improved.
(I'm not pretending that change tagging is the only solution for Petr's
"tool edits" idea: I just think it is the most likely candidate for
implementing something like this.)
TTO
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l