Michael Dale schreef: > Great that we are moving forward with Upload-by-URL uploads :) > > I have been simultaneously testing / developing things with the > new-upload branch. So the injection script check if upload over > javascript api is supported then uses that (over parsing the form html > output). > > We also have to think about how cross site posting could work. ie the > user is on a wikipedia page but the repository license indicates we > should post the video clip or image to commons. > > Either the upload api needs to support posting to shared repos (in > essence proxying the remote repository) or we need to do a higher level > proxy or we have shared edit tokens across internal domains? .... We > can't allow the JavaScript to run injections without getting its edit > token over local ajax request otherwise things would be open for denial > of service / abuse of credentials for resource injection. > > I could try and add that support to the upload api branch but I don't > have much familiarity with how the magic of remote repositories and > internal api calls to those remote repository work... will have to > investigate. > I only have half a clue about what it does, but can the ForeignAPIRepo class do this? If not, could that functionality conceivably be added to it?
Roan Kattouw (Catrope) _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
