If the user adds for example {{IMDb|124|Foo}} or {{IPcheck|127.0.0.1}} in the English Wikipedia, he has to solve a Captcha, because the templates link to imdb.com, dnsstuff.com and so on.
This is both annoying and confusing, because the user does not add an external link, the template does.
The obvious solution would be not to display a Captcha if the url is provided by the template, not the user. However, clever spammers could do the following:
- Create template "evilLink" with external link. Solve a Captcha to do so.
- Transclude template "evilLink" into 1000 pages without having to solve a Captcha.
- ???
- Profit!
The alternative would be, to use MediaWiki:Captcha-addurl-whitelist, however few sysops even notice, that there are Captchas (Admins don't have to solve them, so they are not aware of the problem).
But perhaps, there is another way. If FlaggedRevs are active on a wiki, it would be possible to allow only external links of flagged templates without a Captcha. If FlaggedRevs are missing, it would be possible to allow external links that have been in a template for a while (this would slow down spammers).
Version: unspecified
Severity: enhancement