Tei wrote:
so... what stops a maliciuous banner script to insert
viagra links on
random wikipedia articles?.
other than 2 unixtimes, and the md5 of summary, I don't see how this
is protected at all.
It doesn't stop (and the md5 is not needed). An external page could
produce a form to make their users post data to wikipedia. But
a) The target pages would be protected, content blocked...
b) The users may discover it.
c) It won't work with logged-in users.