Description
Reversions are allowed without TextCha, even when TextCha is enabled on the wiki. This means spammers or malicious persons can more easily do damage to your site.
Steps to reproduce
- Enable textchas in wikiconfig.py by setting the textchas= option
- Make a change - note that textcha question is asked and respected.
- Click Info, revert the change
Expected: Should have been asked a TextCha before the reversion was accepted.
Actual: No textcha was asked.
Example
(any wiki page on a site with textcha enabled)
Component selection
- textcha
Details
MoinMoin Version |
1.7.2 |
OS and Version |
Ubuntu Linux 8.04 |
Python Version |
2.5 |
Server Setup |
standalone |
Server Details |
|
Language you are using the wiki in (set in the browser/UserPreferences) |
en |
Workaround
Dunno. Spammers don't revert much, I guess.
Discussion
After thinking a while about it, i think it is not a bug, because:
spammers don't revert much
- spammer want to get spam into the wiki - for that they need SAVE (and that is protected)
- if they managed to SAVE somehow, you reverted it and they revert their version again (revert war), a textcha does not help (otherwise they would not have been able to save)
Plan
- Priority:
- Assigned to:
- Status: