Page MenuHomeMiraheze
Create Task
Maniphest T7903

Review cloudflare CSP Entry
Closed, ResolvedPublic
Actions

Description

CSP REVIEW

  • Is the site equipped with a privacy policy? Yes
  • Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? Yes, it would appear to be the case
  • Does the site provide a list of personal data being collected by using the service? Yes, see PP
  • Is the website owner known to have a bad reputation regarding privacy? No
  • Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Unsure
  • Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Likely
  • Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? Yes, privacyquestions@cloudflare.com
  • Is the site equipped with a security policy? Yes
  • Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? Don't see any specifics except the standard 'reasonable steps'
  • Is the website owner known to have a bad reputation regarding information security? No
  • Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? Seems to be the same contact as for privacy (see above)

Related Objects

Event Timeline

John triaged this task as Normal priority.Aug 28 2021, 19:37
John created this task.
Herald added a subscriber: RhinosF1. · View Herald TranscriptAug 28 2021, 19:37
Reception123 updated the task description. (Show Details)Aug 31 2021, 06:34
Herald added a subscriber: Unknown Object (User). · View Herald TranscriptAug 31 2021, 06:34
Reception123 subscribed.Aug 31 2021, 06:35

Cloudflare seems to comply with most of our checklist and since it itself is in the security industry and used by many websites I wouldn't think it would have any such issues, so in my opinion it should be approved. Passing onto T&S.

Reception123 moved this task from SRE Review to T&S Review on the CSP Review board.Aug 31 2021, 06:35
Reception123 added a project: Trust & Safety.
Owen moved this task from T&S Review to DSRE Review on the CSP Review board.Aug 31 2021, 14:08
Owen subscribed.

The assessment looks good, no concerns are raised from me.

John closed this task as Resolved.Aug 31 2021, 17:25
John claimed this task.
John moved this task from DSRE Review to Completed on the CSP Review board.
Reception123 mentioned this in T7912: Review minotar CSP Entry.Jan 21 2022, 13:59
Reception123 mentioned this in T7889: Review reviservices.com CSP Entry.Jan 31 2022, 08:48