Why:
- We want to allow administrators to invoke a CAPTCHA
if an AbuseFilter is configured to do so.
What:
- Implement the AbuseFilterCustomActions hook and define
CaptchaConsequence, which will inform AbuseFilter's implementation
of onConfirmEditTriggersCaptcha that it should show a CAPTCHA
- Deliberately do not register the "showcaptcha" action as a "dangerous
action", because filters that use this action are aimed at bot
traffic, and we don't want a bot to be able to get past the
"showcaptcha" action just by making repeat requests
Soft depends on I110a5f5321649dcf85993a0c209ab70b9886057c
Bug: T20110
Change-Id: Ie87e3d850541c7dc44aaeb6b30489a32a0c8cc60
This is one of the last extensions to be converted to having
the API messages in a separate file (at least out of the extensions
that are used be Wikimedia).
This one is a bit different from the others because it actually as several
extensions with separate i18n files, so it requires extra-careful review,
especially in Gruntfile and the extension.json files.
Bug: T189982
Change-Id: I66faae6fd4ff447327587c89ad2a1704edd1b356
The user now can press the preview button to bring up an interpreted list
of the lines of the interface message MediaWiki:Captcha-ip-whitelist to check
if the added/remained data is (still) a valid list of (whitelisted) IP addresses.
Bug: T129757
Change-Id: Ic61f00e7f88c9290ae6e11f7258c11a730ac98c8
Also remove references to "two words" from ReCaptcha labels.
The captcha image doesn't always contain two words.
Bug: T110302
Change-Id: I544656289480056152a1db195babb6dadf29bc71
Also update MathCaptcha so that it works with recent versions of
Math (and breaks with old ones). Also fix MathCaptcha API output,
which used to send the question in plaintext.
Bug: T110302
Change-Id: I0da671a546700110d789b79a3089460abd9cce3b
Depends-On: I8b52ec8ddf494f23941807638f149f15b5e46b0c
Local administrators can now use [[MediaWiki:Captcha-ip-whitelist]]
page to exempt specific IP addresses and IP ranges from captchas.
This is useful for modifying in a short notice such as editathons and
other events like this where captchas add unnecessary complexity for
new users.
The page is disabled by default and IPs should be added separated by
newlines. If any other character is found on a line, it will be ignored
but leading and trailing whitespace characters are allowed.
Bug: T103122
Change-Id: I54866b5bfca80debcf3d3fb7963932ed03b48548
If the user has not resolved the "edit"-triggered CAPTCHA correctly,
show an error message, so the user knows, why their edit isn't saved.
Change-Id: Iecbf280e76e450d111f548fda29220688c65fc3a