Page MenuHomeMiraheze

CSP review for
Closed, ResolvedPublic


Only access to download images would be needed.

  • Is the site equipped with a privacy policy? Yes
  • Does the site attempt to comply with the GDPR? Can European Union inhabitants invoke their individual rights? No explicit mention of GDPR, but similar provisions exist (deletion, etc.)
  • Does the site provide a list of personal data being collected by using the service? Yes
  • Is the website owner known to have a bad reputation regarding privacy? No
  • Can wikis use the external service, even if the visitor wants to deny any cookies or other form of tracking? Likely yes
  • Will wikis stay usable, even if the visitor blocks the external resource by using an ad blocker? Yes
  • Is there a Data Protection Officer and/or Privacy Team that can be contacted by Miraheze? Yes, see Data Protection Contacts
  • Is the site equipped with a security policy? Part of PP
  • Does the site clarify their security measures to protect collected user data? Can the site assure measures are being taken to protect code injection into the loaded external resources? Yes, generic assurances given
  • Is the website owner known to have a bad reputation regarding information security? No
  • Is there a Chief Information Security Officer and/or Security Team that can be contacted by Miraheze? General contact can be used

Event Timeline

OrangeStar triaged this task as Normal priority.Feb 4 2024, 12:15
OrangeStar created this task.
Reception123 updated the task description. (Show Details)
Reception123 moved this task from SRE Review to DSRE Review on the CSP Review board.
Reception123 subscribed.

Checklist is fulfilled and no real concerns with this website.

Universal_Omega changed the task status from Open to In progress.Feb 5 2024, 08:05
Universal_Omega moved this task from Backlog to Short Term on the MediaWiki (SRE) board.

Added to CSP. Puppet will deploy this change in ~30 minutes or less.