[Cloud] [Cloud-announce] Toolforge email server now enforcing ratelimiting

Hi, we just enabled email ratelimiting in our MTA server [0] in Toolforge. Please, report any problem or issue you may find related to this. The current limit is 100 messages per hour per sender address. We may tune the value as we observe the behavior of the system and the users. regards. [0]

Re: [Cloud] Need help with selectize.js

Thank you for reminding me that fixing this has been on my list for a while. My CSP-fu is weak. As I understand it, all I need do is: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css"; - integrity="sha384-ggOyR0iXCbM

Re: [Cloud] Screen sessions

> Using `script /dev/null` is the advice on < https://wikitech.wikimedia.org/wiki/Screen#Troubleshooting>, but I don't know what the security consequences/implications are either. Ahh...thanks for pointing that out. I searched just the Toolforge documentation on Wikitech and so completely missed th

Re: [Cloud] Need help with selectize.js

Oh, this is unexpected. When I do the change diffed below, I get: > Subresource Integrity: The resource > 'https://tools-static.wmflabs.org/cdnjs/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css' > has an integrity attribute, but the resource requires the request to be CORS > enabled to

Re: [Cloud] Need help with selectize.js

I wouldn't think you'd need any additional attributes. Just something like: https://tools-static.wmflabs.org/cdnjs/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css "> This is how I do it in my tools. ~ MA On Wed, Jun 24, 2020 at 10:15 AM Roy Smith wrote: > Oh, this is unexpected. When

Re: [Cloud] Need help with selectize.js

On Wed, Jun 24, 2020 at 8:15 AM Roy Smith wrote: > > Oh, this is unexpected. When I do the change diffed below, I get: > > Subresource Integrity: The resource > 'https://tools-static.wmflabs.org/cdnjs/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css' > has an integrity attribute, but the

Re: [Cloud] Need help with selectize.js

Honestly, I don't see any downsides to just keeping the attributes. Integrity validation is a valid defense and if it's blocked for some reason that should be fixed on our side. YiFei Zhu On Wed, Jun 24, 2020, 10:11 MusikAnimal wrote: > I wouldn't think you'd need any additional attributes. Jus

Re: [Cloud] Need help with selectize.js

OK, I got this solved. Turns out I had a bug in my django template inheritance, which was causing selectize to load before jquery. In an odd sort of way, the issue with the Content Security Policy violations turned out to be important. I knew it was a problem, but blew off doing anything abou

Re: [Cloud] Need help with selectize.js

Unless something has changed, Wmflabs policy requires that we only use Wikimedia CDNs. Other CDNs use cookies to track a user's actions, which violates the privacy policy. Magog On Wed, Jun 24, 2020 at 3:41 PM Roy Smith wrote: > OK, I got this solved. Turns out I had a bug in my django templat

[Cloud] Slow uWSGI logging

I'm running a web server with "webservice --backend=kubernetes python3.7". As I tail the uwsgi.log file, requests to my server get logged with very long delays. I just timed one at about a minute and a half between when the request was served (03:07:57 UTC 2020) and when it showed up in the lo

Re: [Cloud] Slow uWSGI logging

My guess is output stream buffering, at either the libc level or the python level. Which tool is this? I can probably strace and see if that is the case. YiFei Zhu On Wed, Jun 24, 2020 at 10:16 PM Roy Smith wrote: > > I'm running a web server with "webservice --backend=kubernetes python3.7".