[Foundation-l] mirroring a portion of the wikipedia
Robert Rohde
rarohde at gmail.com
Thu Feb 19 21:19:53 UTC 2009
On Thu, Feb 19, 2009 at 12:30 PM, Thomas Dalton <thomas.dalton at gmail.com> wrote:
> 2009/2/19 Robert Rohde <rarohde at gmail.com>:
>> I think you are significantly overestimating the difficulty. We
>> already have an API [1] and similar tools that allow one to accomplish
>> many similar tasks. For example, calling ?action=render will give you
>> a llive HTML version of any current page that could be wrapped in a
>> external site's own framing and stylesheets (though one would need to
>> rewrite the url roots in most cases). The API already has tools for
>> logging in and out while authenticating against WMF servers. And
>> there is even a write API, though I believe that is currently disabled
>> on the main sites.
>
> Ideally, you would want to authenticate in a way that doesn't give the
> middle-man access to plaintext Wikimedia passwords.
True, though under the current system a middle man in position of a
user authentication token could do exactly the same things to
Wikimedia as someone with the plaintext password. Which is a short
way of saying our system has never been built with much security in
mind.
-Robert Rohde
More information about the foundation-l
mailing list