Folks,
If current implementation can be made more secure, I'm well for it -
ideally more secure then the alternative native PHP extensions
infrastructure MW has right now.
Unfortunately, this was born because writing extensions for widgets is
hard, writing them in secure way is even harder, splitting the code into
two layers maintained on different levels seemed better, especially for
small independent wikis who have hard time managing extensions.
If anyone is interested in rewriting it using more secure framework or
maybe fixing all the widgets (providing better validators or alike), you're
very welcome to do so.
There were other ideas like context-based auto-escaping, better review
process, rewrite using new version of Smarty, installation from centralized
repo and so on, but someone else sill have to continue that.
Anyway, we can kill the work of many years, that's easy, more over, it'll
die alone without active commitment anyway, I hope good open source
community like MW team can find out a way to utilize this work.
If there is any help needed, I'm eager to help with the move as I did
before by maintaining Widgets, OpenID extension and contributing to
Semantic MediaWiki/Forms/Bundle and so on - it's just time for me to step
away from MW development.
Best,
Sergey
On Tue, Sep 4, 2012 at 6:06 PM, Daniel Friesen
<daniel(a)nadir-seen-fire.com>wrote;wrote:
On Tue, 04 Sep 2012 14:14:34 -0700, Jeroen De Dauw
<jeroendedauw(a)gmail.com>
wrote:
Hey,
This is clearly not the case. Because there are XSS vectors all over these
widgets.
Developers who understand security do not monitor code strewn about in
piles of wiki pages.
They in no way have the same level of gatekeeping as extensions.
So instead of writing a widget publicly visible, the random third party
admin who barley knows the basics of PHP goes write something that quite
possibly is not published anywhere and can have gaping security holes not
known to them and remaining so.
Random third party admins running wikis so small they hack together custom
code don't have people who understand security reviewing anything for
vulnerabilities. Even if it's public it's going to stay vulnerable.
The only way these sites will ever have something secure is if we have a
nice widget request area where third party admins can get someone to write
a simple widget extension for some service they want to use.
You also mention stuff such as
Html::element. Guess what - they might not know
about it. I have looked at
A LOT of extensions, and I can assure you that you have a rather rosy view
on the subject.
We just have bad documentation on the subject.
A proper PHP based Widget extension would provide some apis even nicer
than our current Html. Easy to use validation. Boilerplate cleanup. And
would naturally come with good documentation that encourages people to use
the high-level style of code.
Well, not just encourages... I'd say it wouldn't even mention the fact you
can concatenate strings of html.
Cheers
--
Jeroen De Dauw
http://www.bn2vs.com
Don't panic. Don't be evil.
--
--
~Daniel Friesen (Dantman, Nadir-Seen-Fire) [
http://daniel.friesen.name]
______________________________**_________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/**mailman/listinfo/wikitech-l<https://lists.…