Page MenuHomeMiraheze
Create Task
Maniphest T8687

Add 29TB.github.io to the CSP
Closed, DeclinedPublic
Actions

Description

CSP REVIEW

  • Is the site equipped with a privacy policy?
  • Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights?
  • Does the site provide a list of personal data being collected by using the service?
  • Is the website owner known to have a bad reputation regarding privacy?
  • Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking?
  • Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker?
  • Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze?
  • Is the site equipped with a security policy?
  • Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources?
  • Is the website owner known to have a bad reputation regarding information security?
  • Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze?

Event Timeline

29TB created this task.Jan 28 2022, 21:06
Herald added subscribers: Agent_Isai, Unknown Object (User), RhinosF1. · View Herald TranscriptJan 28 2022, 21:06
29TB added a comment.Jan 28 2022, 21:06

I believe my website should not have any cookies, or any PII collection.

29TB added a comment.Jan 28 2022, 21:07

It depends mostly on GitHub pages, and Plasmic.

29TB added a project: CSP Review.Jan 28 2022, 21:08
Herald added a project: MediaWiki (SRE). · View Herald TranscriptJan 28 2022, 21:08
29TB added a comment.Jan 28 2022, 21:15

Made a PR (https://github.com/miraheze/puppet/pull/2403/files)

29TB triaged this task as Normal priority.Jan 28 2022, 23:31
29TB moved this task from Backlog to Short Term on the MediaWiki (SRE) board.
Dmehus closed this task as Resolved.Jan 30 2022, 20:59
Dmehus claimed this task.
Dmehus subscribed.

This can be closed as resolved, as though valid, no action is required following the requestor's global lock. Should the master account request to be unlocked, this can be either reopened, or they may open a new request.

RhinosF1 changed the task status from Resolved to Declined.Jan 30 2022, 20:59

This isn't resolved as the change wasn't done.

Dmehus added a comment.Jan 30 2022, 21:04
In T8687#176087, @RhinosF1 wrote:

This isn't resolved as the change wasn't done.

Okay, thanks, I debated whether to use declined or not, but wasn't sure if I could decline it. Anyway, thanks. :)

Dmehus awarded a token.Jan 30 2022, 21:04