Page MenuHomePhabricator
Create Task
Maniphest T17489

Limit scripts to non-new users
Closed, InvalidPublic
Actions

Description

Author: mapellegrini

Description:
New users should not be able to run scripts. There's been a recent rash of vandalism where vandals register a new account, paste in a monobook script (like twinkle), and use it to vandalize (http://en.wikipedia.org/wiki/Special:Contributions/REDyellowGreenBLUE)

Please limit running scripts to auto-approved users.

Version: unspecified
Severity: normal

Details

Reference
bz15489

Event Timeline

bzimport raised the priority of this task from to Lowest.Nov 21 2014, 10:21 PM
bzimport added a project: Wikimedia-Site-requests.
bzimport set Reference to bz15489.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Sep 5 2008, 6:02 PM
bzimport added a comment.Sep 9 2008, 10:22 AM

EN.WP.ST47 wrote:

Is there consensus to do this on enwiki? It'd probably be fairly trivial to add a check before loading a user's monobook that they are autoconfirmed, but that doesn't stop them from using it with a tool like greasemonkey.

aaron added a comment.Oct 7 2008, 12:59 AM

Needs consensus to implement.

demon added a comment.Nov 29 2011, 9:58 PM

Would be easy enough to do in ResourceLoaderUserModule--add usercss & userjs rights to 'user' so no change in default config.

REOPENING.

Nemo_bis added a comment.Apr 4 2013, 9:09 PM

No consensus found in 15 more months and if not by RateLimits they're surely doing it via AbuseFilter.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL