False positive on Spam Blacklist filter
Closed, Invalid | Public

Description

Author: md5

Description:
On English Wikipedia and Meta, the following text is triggering the spam blacklist:

<div style="overflow:auto; height: 10em;"/>

The error message is "The following text is what triggered our spam filter:
overflow:auto; height:". I was able to work around it by reversing the
"overflow" and "height" properties.

I tried to track it down in the code, but I couldn't find the culprit. It may be
related to the setting of $wgUrlProtocols on the Wikimedia servers, but I don't
know what that setting is. The setting in DefaultSettings.php wouldn't have this
problem. I don't have access to a local MediaWiki install at the moment to test.


Version: unspecified
Severity: minor
Platform: PC
URL: http://en.wikipedia.org

Details

Reference
bz8829

Event Timeline

bzimport raised the priority of this task from to Medium. (Nov 21 2014, 9:29 PM)
bzimport set Reference to bz8829.
bzimport added a subscriber: Unknown Object (MLST).

robchur wrote:

I expect we're filtering out 'style="overflow: auto"' since it's often used in
mass spam and vandalism attacks; this would be set in $wgSpamRegex.

Correct, that is indeed in the filter.

I expect spammers will soon start to revert those attributes too, or inject
random cruft to obfuscate them. The spam-regex would need to be more flexible to
catch that, and would then prevent any such workarounds from working any longer.

md5 wrote:

This is disappointing.
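
The order sensitivity discussed in this thread, as an added example that is not part of the original task and is not MediaWiki code: a raw-text pattern is compared with a check that parses the style attribute first. The actual $wgSpamRegex value is not shown on the page, so `BRITTLE` is a constructed stand-in that reproduces the reported match; all function names and sample strings are assumptions.

```python
import re
from html.parser import HTMLParser

# Constructed stand-in for an order-sensitive rule (assumption; the real
# $wgSpamRegex value is not on the page). It matches "overflow:auto; height:".
BRITTLE = re.compile(r"overflow\s*:\s*auto\s*;\s*height\s*:", re.I)
CSS_COMMENT = re.compile(r"/\*.*?\*/", re.S)

def parse_style(style):
    """Return {property: value}: comments stripped, whitespace and case folded."""
    decls = {}
    for part in CSS_COMMENT.sub("", style).split(";"):
        name, sep, value = part.partition(":")
        if sep:
            decls[name.strip().lower()] = " ".join(value.split()).lower()
    return decls

class StyleCollector(HTMLParser):
    """Collect the parsed style attribute of every start tag."""
    def __init__(self):
        super().__init__()
        self.styles = []

    def handle_starttag(self, tag, attrs):
        for key, value in attrs:
            if key == "style" and value:
                self.styles.append(parse_style(value))

def brittle_hit(text):
    """Raw-text match: depends on property order and exact spacing."""
    return BRITTLE.search(text) is not None

def normalized_hit(text):
    """Flag any element that sets overflow:auto together with a height."""
    collector = StyleCollector()
    collector.feed(text)
    collector.close()
    return any(d.get("overflow") == "auto" and "height" in d
               for d in collector.styles)

# Constructed sample inputs; REPORTED is the markup from the task description.
REPORTED = '<div style="overflow:auto; height: 10em;"/>'
REORDERED = '<div style="height: 10em; overflow:auto;"/>'
PADDED = '<div style="overflow : AUTO /* x */; color:red; height:10em">'
PLAIN = '<div style="height: 10em;">'

if __name__ == "__main__":
    for sample in (REPORTED, REORDERED, PADDED, PLAIN):
        print(brittle_hit(sample), normalized_hit(sample), sample)
```

The parsed check also flags the reported legitimate markup, which is the trade-off the thread describes: a more flexible rule closes the reordering workaround for everyone.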