Gehel added a comment.
In T258895#6382143 <https://phabricator.wikimedia.org/T258895#6382143>, @Legoktm wrote: > The general requirements are (we should document this somewhere): > > - No open redirects (allows bypassing the allowed domains list) > - No dangerous actions on GET requests > - No reflective XSS The code is the same as the production WDQS and should support the requirements above. > - Should fall under the Wikimedia privacy policy / or anyone who has access to private information should have signed an NDA. This project has quite a few members. Most of them are WMF staff and are under NDA, but a few are not and even if that was the case, we don't have a good way to enforce NDA for future access. > URL stability explicitly isn't a consideration, e.g. wiki pages can disappear at any time. It's up to each service to maintain stable URLs (Cool URIs don't change!) - I would expect `wcqs-beta.wmflabs.org` eventually redirects to the production instance. `wcqs-beta.wmflabs.org` will disappear once a production service is in place, URLs will be broken and won't be redirected. TASK DETAIL https://phabricator.wikimedia.org/T258895 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Gehel Cc: Nirmos, Legoktm, Nikki, Bugreporter, Jheald, Lucas_Werkmeister_WMDE, Nintendofan885, Ladsgroup, Aklapper, Gehel, Multichill, MPhamWMF, maantietaja, Muchiri124, CBogen, Akuckartz, DannyS712, Nandana, Namenlos314, Lahi, Gq86, Ramsey-WMF, GoranSMilovanovic, Chicocvenancio, QZanden, EBjune, merbst, LawExplorer, Poyekhali, _jensen, rosalieper, Taiwania_Justo, Scott_WUaS, Jonas, Xmlizer, Ixocactus, Wong128hk, abian, jkroll, Wikidata-bugs, Jdouglas, aude, Tobias1984, El_Grafo, Dinoguy1000, Manybubbles, Alchimista, Steinsplitter, Mbch331, Keegan
_______________________________________________ Wikidata-bugs mailing list Wikidata-bugs@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikidata-bugs
