fbmarkdown icon indicating copy to clipboard operation
fbmarkdown copied to clipboard

Published 20 hours ago verified publisher icon hhvm

Support user-generated-content

Open fredemmott opened this issue 4 years ago • 2 comments

  • [ ] provide a way to whitelist URI schemes; for example, http, https, mailto, irc are likely fine, javascript is not. This should affect links, link reference definitions, and autolinks
  • [ ] provide a way to specify rel="nofollow ugc" on all links, with no way to override from markdown content
  • [ ] provide a way to to filter images (to avoid injecting example.com/trackme.gif); for example:
    • whitelist domains
    • switch them to a privacy-preserving proxy (which would need to avoid open proxy issues)
    • these should not be explicitly supported - instead a general mechanism should be implemented to allow people to implement whatever fits their needs the best

fredemmott avatar Aug 27 '20 21:08 fredemmott

WIP from me!

atielking avatar Sep 02 '20 20:09 atielking

A large part of this is now merged in - I need to dig through to see how much of " provide a way to to filter images (to avoid injecting example.com/trackme.gif)" is practical now

fredemmott avatar Nov 12 '20 20:11 fredemmott