Page MenuHomeMiraheze
Create Task
Maniphest T7862

Add newspapers.com to whitelist
Closed, ResolvedPublic
Actions

Description

I have been researching my subject of interest - the history of bicycles in the San Francisco (California, USA) bay area, 1880 to 1910 - for several years. I've clipped over 5,000 newspaper articles at newspapers.com, as well as clippings at other newspaper archive sites, and I've collected other sources as well. Most content is at newspapers.com. I transcribe the text, correct it, research and link / comment to show the research, then present it, I've done that primarily via a blogger blog, in html, at http://fastestslowguy.blogspot.com/. I think I need to migrate to a wiki, to show relationships between people and things, so I've started migrating to one, here. But I'm really blocked by the inability to display images from newspapers.com. I can show text and links, but the images are critical.

I'm requesting you allow newspapers.com on your whitelist.

I'm working on https://wooljersey.miraheze.org/. The main page is unchanged as of yet, I've added pages and I'm experimenting with how to present the information.

I asked about this on the #miraheze irc channel, and RhinosF1 told me that it would need to be added to the CSP, and that changes to the CSP are closed. I'm asking anyway. Thanks for this creating and hosting this service.

CSP REVIEW: Newspapers.com is owned by Ancestry.com (as indicated in their footer: "2021 Newspapers.com™ by Ancestry®") and therefore the CSP review done was of Ancestry.com

  • Is the site equipped with a privacy policy? Yes
  • Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? Yes, see PP
  • Does the site provide a list of personal data being collected by using the service? Yes, see PP
  • Is the website owner known to have a bad reputation regarding privacy? No
  • Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Unclear
  • Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Yes
  • Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? Yes, dpo@ancestry.com
  • Is the site equipped with a security policy? Yes, see PP
  • Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? No specifics; standard general statement
  • Is the website owner known to have a bad reputation regarding information security? No
  • Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? Unclear but can probably be contacted via general support

Related Objects

Event Timeline

Alpastor created this task.Aug 26 2021, 04:25
Herald added a subscriber: RhinosF1. · View Herald TranscriptAug 26 2021, 04:25
Reception123 triaged this task as Normal priority.Aug 26 2021, 05:48
Reception123 added projects: MediaWiki, MediaWiki (SRE).
Herald added subscribers: Reception123, NDKilla. · View Herald TranscriptAug 26 2021, 05:48
Unknown Object (User) updated the task description. (Show Details)Aug 29 2021, 21:32
Unknown Object (User) edited projects, added CSP Review; removed MediaWiki.
Herald added a subscriber: Unknown Object (User). · View Herald TranscriptAug 29 2021, 21:32
Unknown Object (User) moved this task from Backlog to Short Term on the MediaWiki (SRE) board.Aug 29 2021, 21:32
Alpastor added a comment.Aug 30 2021, 15:57

CSP REVIEW

Is the site equipped with a privacy policy?

The stock one from miraheze (?) is linked at the bottom of the main page.

Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights?

Not especially. It's a collection of newspaper articles and supporting information from between 140 - 80 years ago, describing people, places and things near San Francisco, CA USA. If someone alive wanted me to remove something, I would.

Does the site provide a list of personal data being collected by using the service?

No.

Is the website owner known to have a bad reputation regarding privacy?

I don't believe so. There is one person associated with wooljersey.miraheze.org and fastestslowguy.blogspot.com, me.

Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking?

Um, sure? I want this information out in the world.

Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker?

The information is there in text form, but directly representing remote images helps me tell historical stories better. A text-only representation doesn't sell as well, either. People just don't click as much.

Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze?

And chief bottle washer, all me.

Is the site equipped with a security policy?

No.

Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources?

No, and not yet.

Is the website owner known to have a bad reputation regarding information security?

I don't think so.

Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze?]

That would also be me.

I'm guessing I'll end up hosting my own wiki somewhere. This site and service is noble and worthy, but to tell the story of a place, and the people who lived in it several generations ago, I'm going to need some pictures, and they aren't going to be illustrations I drew, or photographs I took.

Unknown Object (User) added a comment.EditedAug 30 2021, 16:02

The "CSP Review" is for newspapers.com not your wiki. It's usage is for SRE and Trust and Safety for approval for CSP whitelist additions.

Reception123 updated the task description. (Show Details)Sep 6 2021, 13:40

Ancestry.com (which hosts Newspapers.com) seems to fulfil our checklist and therefore it should in my opinion be approved. Passing onto T&S for review.

Reception123 moved this task from SRE Review to T&S Review on the CSP Review board.Sep 6 2021, 13:41
Reception123 added a project: Trust & Safety.
Owen moved this task from T&S Review to DSRE Review on the CSP Review board.Sep 10 2021, 16:48
Owen subscribed.

The assessment seems thorough and accruate.

John closed this task as Resolved.Sep 11 2021, 10:19
John claimed this task.
John moved this task from DSRE Review to Completed on the CSP Review board.
Restricted Repository Identity mentioned this in rPUPC23bfea406ed7: Add new CSP sites.Sep 11 2021, 10:20