On Mon, Mar 23, 2009 at 12:20 PM, Roan Kattouw <roan.katt...@home.nl> wrote: > Michael Dale schreef: >> Great that we are moving forward with Upload-by-URL uploads :) >> >> I have been simultaneously testing / developing things with the >> new-upload branch. So the injection script check if upload over >> javascript api is supported then uses that (over parsing the form html >> output). >> >> We also have to think about how cross site posting could work. ie the >> user is on a wikipedia page but the repository license indicates we >> should post the video clip or image to commons. >> >> Either the upload api needs to support posting to shared repos (in >> essence proxying the remote repository) or we need to do a higher level >> proxy or we have shared edit tokens across internal domains? .... We >> can't allow the JavaScript to run injections without getting its edit >> token over local ajax request otherwise things would be open for denial >> of service / abuse of credentials for resource injection. >> >> I could try and add that support to the upload api branch but I don't >> have much familiarity with how the magic of remote repositories and >> internal api calls to those remote repository work... will have to >> investigate. >> > I only have half a clue about what it does, but can the ForeignAPIRepo > class do this? If not, could that functionality conceivably be added to it? > > Roan Kattouw (Catrope) > > _______________________________________________ > Wikitech-l mailing list > Wikitech-l@lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/wikitech-l >
For the ForeignApiRepo to support it, we need native upload support in the API to begin with. -Chad _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
