Board Thread:General Discussion/@comment-27103088-20151021150257/@comment-27103088-20151021233407

Dessamator wrote:

This solution assumes that there can be software designed to do that, which is not possible. There are a gazzilion ways to write code, there are even more ways to obsfucate code, and  there are many exploits that can happen that the developer  community might not know of. I don't see how writing software that detects when potentially evil things are done to the DOM would be impossible. AFAIK there aren't many ways of accessing DOM objects, and I'm pretty sure that no amount of obfuscation could hide overriding and aliases from a good parser. How would a JavaScript interpreter successfully execute such code if it wasn't possible to detect what it could do beforehand? There may be some things that can't be known until runtime, but that's why wrapping DOM-access code with functions that evaluate the objects at runtime was one of my suggestions.

There may be a few other exploits caused by browser bugs or some js features I am not aware of, but accessing the DOM should very easy to detect.

Dessamator wrote:

If such a simple solution existed, then Wikimedia foundation (who knows of this problem for possibly close to a decade) would have implemented it. My proposed solutions do not apply to MediaWiki itself, and I do not believe the developers of MediaWiki should even be concerned about adding such security measures to their software since the only way for such exploits to be done in a vanilla MediaWiki setup would be to trick an irresponsible administrator into adding malicious code.

However, Wikia needs to make sure the js their users are writing is safe, because they don't need to trick anyone to insert malicious code. A well-made automated system will make the safety checks mostly unnoticable for good users.

Dessamator wrote:

Anyway, although importing scripts from dev.wikia could be automatic. It would incredibly irresponsible for them to simply allow such a thing because dev.wikia was one of the sources of security exploits that hit many wikias. Dev Wikia is safe now because of the recently implemented codeeditor rank. I believe this is an acceptable measure because there isn't nearly as much general-purpose code than there is wiki-specific.