[Commons-l] Fwd: [Wikitech-l] ImportFreeImages Extension
Brianna Laugher
brianna.laugher at gmail.com
Thu Dec 14 14:50:36 UTC 2006
On 14/12/06, Magnus Manske <magnusmanske at googlemail.com> wrote:
> On 12/13/06, Bryan Tong Minh <bryan.tongminh at gmail.com> wrote:
> > Is there no way you can upload using your own commons login name?
>
> I already thought about extending commonshelper so it accepts commons
> user name and password. The upload bot could then use that for
> uploading.
>
> Of course, any user of the tool then would have to give this
> information to my tools, without knowing what else I do with that (I
> won't, of course, but short of the toolserver admins, noone can
> actually confirm that).
>
> OTOH, as long as I keep it optional, would such a mechanism be acceptable?
Is there any other toolserver tool that requests or uses user's passwords?
I really dislike the idea. I don't think the convenience outweighs the
possible security problems and I don't think we should keep putting
bricks onto temporary solutions: obviously the function should be
performed by MediaWiki. But then, we already rely on CheckUsage, so...
sigh...
Another possibility is that we ask for upload-from-url to be enabled
on Commons. (I can't remember if it is an actual feature yet or just a
mooted one.) Then CommonsHelper could be more or less single click,
right?
It has been suggested that allowing upload-from-url will bring
torrents of copyvios. Undoubtedly it will, but we get torrents of
copyvios already. Upload-from-url should allow us to track the true
origin of images much more easily (assuming that info is made
available!). At the moment it is a lot of guesswork and hunches.
cheers
Brianna
More information about the Commons-l
mailing list