Page MenuHomePhabricator
Create Task
Maniphest T28495

Prototype.wikimedia.org should not tell you it could be a phishing site :)
Closed, ResolvedPublic
Actions

Description

Author: thor.malmjursson

Description:
Hi. I just thought I'd leave this for you, It's not a bug per se, more a comment about the way the prototype is set up. I was curious seeing the site keep popping up while logging in at enwp and went to look. I tried to login there, and got told in no uncertain terms

"You are viewing this page on prototype.wikimedia.org, which might be a proxy or phishing site. This site can intercept your password; you are strongly advised to log in from en.wikipedia.org."

Prototype or not, that is not a great message to be sending out from a wiki (even though it's not a real one) hosted on a WMF server :)

People seeing that might get the wrong idea and shy away, and that wouldn't be a good thing in my opinion, especially when the site is associated to the Usability Initiative.

Just my 2¢ worth.

Version: unspecified
Severity: normal

Details

Reference
bz26495

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 11:20 PM
bzimport added a project: Wikimedia-Prototype-server.
bzimport set Reference to bz26495.
bzimport created this task.Dec 30 2010, 2:23 AM
MZMcBride added a comment.Dec 30 2010, 2:25 AM

At what URL did you see this message?

bzimport added a comment.Dec 30 2010, 2:28 AM

thor.malmjursson wrote:

MZMcBride, sorry - I forgot to note the URL in the bug.

The link is:

http://prototype.wikimedia.org/en-wp/index.php?title=Special:UserLogin&returnto=Main_Page

jeremyb added a comment.Dec 30 2010, 5:37 AM

http://prototype.wikimedia.org/en-wp/index.php?title=Special%3AAllMessages&prefix=loginend&filter=all&lang=en

http://en.wikipedia.org/w/index.php?title=MediaWiki:Loginend&action=raw

Something's borked about the code or config, I can't seem to view history or source (even action=raw) for any page i've tried.

Since the same wording exists upstream at en.wp i assume that it was just a db copy or dump import of en.wp and that message was never changed.

Catrope added a comment.Dec 30 2010, 9:21 AM

(In reply to comment #3)

http://prototype.wikimedia.org/en-wp/index.php?title=Special%3AAllMessages&prefix=loginend&filter=all&lang=en

http://en.wikipedia.org/w/index.php?title=MediaWiki:Loginend&action=raw

Something's borked about the code or config, I can't seem to view history or
source (even action=raw) for any page i've tried.

Fatal error: Call to undefined method MediaWiki::getAction() in /srv/org/wikimedia/prototype/extensions/InputBox/InputBox.hooks.php on line 55

Fixed by running svn up on the en-wp directory, apparently hadn't been done in a long time. Also note that the d-en prototype runs off the REL1_17 branch, so you might find that more useful.

Since the same wording exists upstream at en.wp i assume that it was just a db
copy or dump import of en.wp and that message was never changed.

That's exactly what happened, yes. Fixed: http://prototype.wikimedia.org/en-wp/index.php?title=MediaWiki%3ALoginend&action=historysubmit&diff=8065&oldid=7644

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL