Giter VIP home page Giter VIP logo

Comments (52)

PullJosh avatar PullJosh commented on June 22, 2024

Is it worth even including any sort of project sharing? It makes malicious projects a much bigger issue. :/

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

True, but I'm sure I can recruit people to be mods
Also, if they saved anything malicious, we could get in trouble anyways for hosting it although it's not on purpose

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

And that's when things start to get messy.
In your own words, "Just because we can doesn't mean we should."

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

Exactly. Should we even allow project saving on the server?

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

Yeah. I would allow that.

Do what Snap! does.

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

What does Snap! do? I've never used it.

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

Make an account, then you can save your projects online, but it's private to you.

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

Sounds good, though I'm still worried about bad uploads... :L

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

What do you mean by that?

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

Stuff I probably shouldn't mention, and it's better if you don't know about :/
I guess it's fine as long as the ToS covers our butts.

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

Hmm... I might know what you mean. :3

Implement banning of users/IPs.

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

It's not something you should be going ":3" about...
I can do bans pretty easily.

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024
  1. Then I probably don't know.

  2. Awesome!

from elemental.

BookOwl avatar BookOwl commented on June 22, 2024

I would say that we should implement a simple forum.

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024
  1. And it's good that you don't. Trust me.
  2. :D

@BookOwl DjangoBB shouldn't be too hard to set up (I think)

from elemental.

BookOwl avatar BookOwl commented on June 22, 2024

Good

from elemental.

quat1024 avatar quat1024 commented on June 22, 2024

I really really don't think we should handle this ourselves. How about some kind of "Share to CodePen" button, and let them handle the community aspects / moderation / etc. They have an api.

That way people can get feedback from an existing and active community of professional front-end designers as well.

https://blog.codepen.io/documentation/api/prefill/

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

Oh, that's cool! Didn't know that existed.

from elemental.

quat1024 avatar quat1024 commented on June 22, 2024

Me neither until I decided to google "codepen api" 😜

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

GG.
Good guess

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

Should we let them log in to accounts still? They can link their account to a Codepen account.
Also - isn't CodePen for only SPAs? Not multiple pages?

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

Ah, true... One page only. :/

from elemental.

quat1024 avatar quat1024 commented on June 22, 2024

Upload each page as an individual codpen? Links work across pens I think

Will require some url-fudging though on links and I'm not sure I like that (plus it might be impossible)

Huh

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

Not a fan of that method, though I can't say I have a better one.

from elemental.

quat1024 avatar quat1024 commented on June 22, 2024

Yeah actually no, it's impossible. If page A links to page B and vice versa, they both need to know each other's urls.

Other options = faking links with JS, just plain disabling the codepen button on multi-page sites, not having an online community at all (lol), doing our own online community (and then get it hacked, heh), or providing basic anonymous-only sharing so there's no personal information we're being trusted with.

If we do our own community we'll need an anti-phishing feature prolly. I like how CodePen puts a little bar at the bottom in full-page view so they know it's a Pen and not a "real" website (random pen from the front page example http://codepen.io/russted/full/pJOPxO/ )

Ed: Sorry to be a debbie downer about all this community stuff, I'm just super paranoid

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

I don't think it'll get hacked that easily (django's pretty good), but I'm worried about uploads.

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

You don't think. And you're probably right.

But you might be wrong, and that would really suck.

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

Django's security is already built-in, unlike PHP in Gwiddle or x10 where you have to make your own security.

from elemental.

quat1024 avatar quat1024 commented on June 22, 2024

As long as there's 0% chance any typed code by a user can be executed on the server we're good right ?

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

Yup - Django cleans its queries, and I will never execute raw SQL.
Social engineering isn't something anybody can stop, though.

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

If it's inapropriate images, how about only running images that are links to trusted img-sharing sources (dunno which ones)

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

tinypic and cubeupload only?
Or are there any others?

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

https://www.youtube.com/watch?v=WzKKjJuujSs

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

tinypic and cubeupload it is.

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

Kk!

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

Swear filtering would have to be hashed so people from Scratch who might look at the code don't see a list :P

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

oh yeah dang it
who knows the most swear words?
xD

we should probably just find a pip package for it - I don't think we care if they make their own site unshared with whatever they want, but it should be filtered before sharing.

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

I dunno. I know a few, but I have a family computer and I don't know if it's keylogged soooo

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

there's probably a library that'll do that for us :P

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

I hope so.

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

Yep!

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

Moderation is why I haven't made a website :P

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

"Is it worth even including any sort of project sharing? It makes malicious projects a much bigger issue. :/" - Me, four hours ago

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

"Make an account, then you can save your projects online, but it's private to you."

  • You, four hours ago

We could manually approve users to share projects...

from elemental.

an-OK-squirrel avatar an-OK-squirrel commented on June 22, 2024

Uh-huh! I think some other sites do that. (pj, check your scratch messages!)

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

@Firedrake969 I forgot about that... Man, I have really good ideas.

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

xD

from elemental.

alyssarosenzweig avatar alyssarosenzweig commented on June 22, 2024

If you embed each page of the site within a script element (of type "text/html"), then it's pretty natural to do some JavaScript fiddling to fit a site on one codepen link...

Probably ugly tho

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

Ew.

from elemental.

PullJosh avatar PullJosh commented on June 22, 2024

Probably?

from elemental.

matthewr6 avatar matthewr6 commented on June 22, 2024

I'm interested in it...
But doesn't mean it's probably going to be hard to implement and ugly :P

from elemental.

alyssarosenzweig avatar alyssarosenzweig commented on June 22, 2024

haha

from elemental.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.